* When generating an encrypted SSL certificate, derive an SSH public
  key from the private key and store in the pubkeys table for the
  user. Note that SSH version 2 RSA keys are actually just openssl RSA
  keys, and that ssh-keygen can extract an ssh compatible public key
  from it.

* Change getsslcert.php3 to return the ssh private and public key when
  give the "ssh" boolean argument. This is mostly for the benefit of
  Flack; we probably need a better UI for the user to get this stuff. 

* Remove the requirement that users must upload an SSH key to use
  protogeni, since we now create one for them when they create their
  encrypted SSL certificate.

* Some cleanup; instead of looking at the comment field to determine
  what pubkeys are Emulab created (and should not be deleted), use new
  internal and nodelete flags.

on the join/start project pages. At the moment this is conditional
under the PROTOGENI flag, since users on non-protogeni sites rarely
need an encrypted SSL certificate. The initial passphrase has to be
store someplace since we cannot built the certificate until the user
is approved, so put it into the users table, and delete when the first
certificate is built (at approval).

Allow multiple SSH keys.
Be more permissive when given a starred ("*") password.

deleted, they still remain in the user table with a status of
"archived", but since all the queries in the system now use uid_idx
instead of uid, it is safe to reuse a uid since they are no longer
ambiguous. 

The reason for not deleting users from the users table is so that the
stats records can refer to the original record (who was that person
named "mike"). This is very handy and worth the additional effort it
has taken.

There is no way to ressurect a user, but it would not be hard to add.

its really a hugely stripped down Emulab boss install, using a very
short version of install/boss-install to get a few things into place.

I refactored a few things in both the protogeni code and the Emulab
code, and whacked a bunch of makefiles and configure stuff. The result
is that we only need to install about 10-12 files from the Emulab
code, plus the protogeni code. Quite manageable, if you don't mind
that it requires FreeBSD 6.X ... Still, I think it satisfies the
requirement that we have a packaged clearinghouse that can be run
standalone from a running Emulab site.

the User Name (or id) in various tables.  This also involved adding
the field to the newproject, joinproject, and moduserinfo forms.

Note: also modified 4.149 database-migrate.txt entry to add a note
to add the necessary "slot" to table_regex.

the xml file.

that the web interface does; must be sure to include archived users in
the backend newuser script for when the web interface no longer makes
those checks.

Found in release testing: shouldn't require wikiname field if no WIKISUPPORT is configured.  wikiname must be optional in that case or users can't be created.

to catch early.

interface to the backend. There are new scripts that can be called
from the command line:

	newuser xmlfile
	newproj xmlfile

They both run from small xmlfiles that are generated by the web
interface from the form data. I also moved user verification to the
backend so that we do not have duplicated email functions, but that
was a small change.

Upon error, the xmlfile is saved and sent to tbops so that we can
rerun the command by hand, rather then force user to fill out form
again. I also do a better job of putting the form back up intact when
there are internal errors.

If the user provides an initial public key, that is put into the xml
file as well and addpubkey is called from newuser instead of the web
interface. A more general change to addpukey is that it is now
*always* called as "nobody". This script was a morass of confusion
cause of having to call it as nobody before the user actually
exists. In fact, another of my ongoing projects is to reduce the
number of scripts called as a particular user, but thats a story for
another day. Anyway, the script is always called as nobody, but we
pass along the implied user in the environment so that it can do
permission checks.