Skip to content

feat: SSHKeyContentResponse, SecretStr, authorized_keys options, and tests #302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mkitti wants to merge 10 commits into
base: ssh-key-manager
Choose a base branch
from
Open

feat: SSHKeyContentResponse, SecretStr, authorized_keys options, and tests #302

mkitti wants to merge 10 commits into from

Conversation

@mkitti
Copy link
Contributor

@mkitti mkitti commented Jan 22, 2026

  • Add custom SSHKeyContentResponse that wipes memory after sending content
  • Use pydantic.SecretStr to guard ssh private key password
  • Add restrict keyword to authorized_keys options
  • Add fileglancer to authorized_keys comment
  • Add tests for SSH key handling

TODO:

  • Only manage authorized keys which have fileglancer in the comment
  • Consider using StreamingResponse to further avoid middleware buffers that contain the entire key

mkitti and others added 10 commits January 21, 2026 22:40
@mkitti
Implement SSHKeyContentResponse that wipes its memory.
917e114
@mkitti
Remove unused SSHKeyContent
dd218a5
@mkitti
Use SecretStr to guard password. Add test_sshkeys.py.
ba7cf85
@mkitti
Add restrict keyword and add fileglancer as a ssh key comment
d041ca5
@mkitti
Using streaming, avoid whole key copy in memory downstream
0a6c8ba
@mkitti
List keys with fileglancer in the comment
8754dda
@mkitti
Clarify that we only list Fileglancer managed keys
e18e55d
@mkitti @claude
Add temporary key generation and improve SSH key management
5e46040 
- Add ability to generate temporary SSH keys that are added to
  authorized_keys but private key is only shown once for copying
- Add regenerate public key from private key functionality
- Track id_ed25519 status (exists, unmanaged, missing pubkey)
- Hide private key display in temp key dialog, only allow copy
- Sort keys with id_ed25519 displayed first
- Use clean 'fileglancer' comment when regenerating public keys

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@mkitti
Use restrictive umask when creating keys
72e668e
@mkitti @claude
Add tests for temp key generation, regenerate pubkey, and umask
def544c 
Test coverage for functionality added in recent commits:
- generate_temp_key_and_authorize with passphrase support
- regenerate_public_key from private key
- check_id_ed25519_status for managed/unmanaged detection
- list_ssh_keys sorting (id_ed25519 first)
- Umask restoration after key generation
- TempKeyResponse header inclusion and temp file cleanup
- _parse_authorized_keys_fileglancer filtering

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mkitti