From a13414341b7e462ef5dabc17fad8ff6efda7c370 Mon Sep 17 00:00:00 2001
From: Remo Senekowitsch <remo@buenzli.dev>
Date: Thu, 17 Apr 2025 05:00:21 +0000
Subject: [PATCH] feat: inline public ssh key in verification command (#7516)

This makes it easier for people to verify their SSH key with various
setups. People with a key stored in a file won't have to manually
substitute the correct file path anymore. People who store their SSH
key in a password manager and access it via an ssh-agent won't have
to copy the private key to a temporary file or figure out the process
substitution thing anymore.

A slight disadvantage is that the fish shell doesn't have the same
syntax for process substitution as POSIX shells. For that reason, a
default-collapsed box with a custom command for fish users is provided,
just like for the Windows shells.

The Windows shells do not have an equivalent to process substitution, so
those commands remain unchanged.

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] ~in their respective `*_test.go` for unit tests.~
  - [ ] ~in the `tests/integration` directory if it involves interactions with a live Forgejo server.~
- I added test coverage for JavaScript changes...
  - [ ] ~in `web_src/js/*.test.js` if it can be unit tested.~
  - [ ] ~in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).~

### Documentation

- [ ] ~I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.~
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

## [](#testing)Testing

* `pr=7516 ; git fetch forgejo +refs/pull/$pr/head:refs/heads/wip-pr-$pr`

* `git checkout wip-pr-$pr`

* `make TAGS='sqlite sqlite_unlock_notify' watch`

* login

* visit /user/settings/keys and add an ssh key

* click verify

* see a CLI sample is displayed
      ![image](attachments/8edf43f4-9ae9-48dc-b275-0c466e9a161d)

* run CLI sample, copy paste the output and submit it

* check that the verification is successful
      ![image](attachments/20074f32-e06f-42fd-9732-32171016c47e)

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- User Interface features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/7516): <!--number 7516 --><!--line 0 --><!--description aW5saW5lIHB1YmxpYyBzc2gga2V5IGluIHZlcmlmaWNhdGlvbiBjb21tYW5k-->inline public ssh key in verification command<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7516
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Remo Senekowitsch <remo@buenzli.dev>
Co-committed-by: Remo Senekowitsch <remo@buenzli.dev>
---
 templates/user/settings/keys_ssh.tmpl | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/templates/user/settings/keys_ssh.tmpl b/templates/user/settings/keys_ssh.tmpl
index b8783dead0..420a25cb1d 100644
--- a/templates/user/settings/keys_ssh.tmpl
+++ b/templates/user/settings/keys_ssh.tmpl
@@ -78,15 +78,16 @@
 							<input readonly="" value="{{$.TokenToSign}}">
 							<div class="help">
 								<p>{{ctx.Locale.Tr "settings.ssh_token_help"}}</p>
-								<p><code>echo -n '{{$.TokenToSign}}' | ssh-keygen -Y sign -n gitea -f /path_to_PrivateKey_or_RelatedPublicKey</code></p>
+								<div class="markup"><pre class="code-block"><code>bash -c "echo -n '{{$.TokenToSign}}' | ssh-keygen -Y sign -n gitea -f <(echo '{{.OmitEmail}}')"</code></pre></div>
+								<br>
 								<details>
 									<summary>Windows PowerShell</summary>
-									<p><code>cmd /c "&lt;NUL set /p=`"{{$.TokenToSign}}`"| ssh-keygen -Y sign -n gitea -f /path_to_PrivateKey_or_RelatedPublicKey"</code></p>
+									<div class="markup"><pre class="code-block"><code>cmd /c "&lt;NUL set /p=`"{{$.TokenToSign}}`"| ssh-keygen -Y sign -n gitea -f /path_to_PrivateKey_or_RelatedPublicKey"</code></pre></div>
 								</details>
 								<br>
 								<details>
 									<summary>Windows CMD</summary>
-									<p><code>set /p={{$.TokenToSign}}| ssh-keygen -Y sign -n gitea -f /path_to_PrivateKey_or_RelatedPublicKey</code></p>
+									<div class="markup"><pre class="code-block"><code>set /p={{$.TokenToSign}}| ssh-keygen -Y sign -n gitea -f /path_to_PrivateKey_or_RelatedPublicKey</code></pre></div>
 								</details>
 							</div>
 							<br>