- In Settings > SSH Keys, it would be convenient to be able to generate SSH keys for users. In this case, we'd give them the private key (and not store it) and record the public key as attached to their account.
- In Passphrase, it would be convenient to do the opposite: generate private SSH keys for users, and give them the public keys (so they could, e.g., copy-paste it to GitHub or whatever).
- In Passpharse, it would also be nice to have a button to download the public key for any private key, since the public key is derivable.
Revisions and Commits
In the GitHub case, Passphrase stores secrets and we can't extract secrets (in this case, private keys) from GitHub.
We can get public keys over the API for the purposes of the "SSH Keys" panel, but the API doesn't have the key names, so users with more than one key can't distinguish between them. I'm hesitant to pursue this since it's going to be messy, hard-coded, and hard to use in the common case. If you look at my keys, there's no way to tell which is which:
It looks like if we have an OAuth session we can get some more information, but only about one key at a time. So this is like five levels of mess for a questionably-useful feature; I'm not inclined to pursue it unless we get more weight behind requests for it.
GHC would also find support for importing keys from Github useful; we are currently working on rolling out a Diffusion-hosted staging area for use with Harbormaster but the need for contributors to submit their key to yet another Phab feels like unnecessary friction.