https://git.schokokeks.org/derivepassphrase.git/tree/f17523b71145c4d93df854a7224a0d86597bd016 2026-03-14T17:33:38+01:00 tag:gitlist.org,2012:commit/f17523b71145c4d93df854a7224a0d86597bd016 2026-03-14T17:33:38+01:00 Marco Ricci software@the13thletter.info <pre>On The Annoying OS, we add screenshots for the steps involving `pageant` and `puttygen`, because we cannot present a verbatim shell transcript. The instructions avoid giving motor instructions ("click on ...", "type ... in", etc.) as much as possible, both for consistency with the UNIX instructions and to focus on the higher-level operations instead. This also avoids doing users with motor impairments or unusual input device setups the disservice of giving them instructions they cannot follow. We add a definition for "key rotation", and further short commentary on key compartmentalization and locking the agent (or the key in the agent). We align the visual style of both this tutorial and the SSH key how-to by using the text framing approach from the latter to frame alternate blocks of content (e.g. operating system-specific instructions), either explicitly or implicitly, as needed. We ensure that this style is also used consistently in the how-to as well. Finally, we also add the `pageant` logo to the how-to, and image credits for the logo on both pages. &lt;/pre&gt; tag:gitlist.org,2012:commit/63de467b5801765c8e51876386edfe3516c4d377 2026-03-08T22:46:41+01:00 Marco Ricci software@the13thletter.info <pre>The tutorial builds on the previous tutorial for setting up `derivepassphrase vault` with a master passphrase, modifying the existing configuration to use a master SSH key instead. It covers SSH agent installation, key generation, and reconfiguring `derivepassphrase vault`. Both tutorials link to each other. The other tutorial (for setting up `derivepassphrase vault` with a master passphrase) now also contains a short note on shell prompts as well as operating system-specific instructions for the `pip` install method. For reproducibility, the new tutorial uses the standard Ed25519 SSH test key as the master SSH key. The test key is explicitly linked. The tutorial also includes a copy of the Pageant icon to help the reader identify the correct icon in The Annoying OS's task bar. &lt;/pre&gt; tag:gitlist.org,2012:commit/9a6617ef05d898f69115e45bccf53e78e8b78bbc 2026-02-08T21:25:06+01:00 Marco Ricci software@the13thletter.info <pre>Also fix one instance where the declared license identifier still was the MIT license, making it unclear whether this file was licensed under a different license than the rest. (No, it was merely a typo.) &lt;/pre&gt; tag:gitlist.org,2012:commit/8a0b21fee827207b46da6fceb3c98d37b88a08ba 2026-02-08T21:01:20+01:00 Marco Ricci software@the13thletter.info <pre>Apparently, this is a copy-and-paste error from the PDF rendering of the manpage when it was originally converted to Markdown: while the PDF *looked* correct, the text layer was not, and so the pasted text was also out-of-order. &lt;/pre&gt; tag:gitlist.org,2012:commit/46c906e53a432ad1eaaef5fe6ba1d9f7e6e12f1e 2026-02-08T19:38:24+01:00 Marco Ricci software@the13thletter.info <pre>Add a section on SSH agent socket providers, and documentation for the new `--ssh-agent-socket-provider` option and the new "The SSH agent socket provider %s is not in derivepassphrase's provider registry." error message. Also update the section on SSH key suitability, and remove the entry on Windows incompatibility from the Bugs section. &lt;/pre&gt; tag:gitlist.org,2012:commit/a19b8bbe85e9fba002b1e1364f6cc9aeb64e5969 2026-02-08T16:10:06+01:00 Marco Ricci software@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/369ca71eaa5b58f91a1b31e6e0bbecd87db4a488 2026-02-08T16:02:18+01:00 Marco Ricci software@the13thletter.info <pre>Extend the vault CLI tests for basic SSH key usage to also cover the SSH agent socket provider choice case. We split up the monolithic `_test` helper function into separate `_setup_environment` and `_check_result` functions, so that we can share common setup code (including fixtures and parametrizations), but use different result testing code. We also extend the `_setup_environment` code to handle main user configuration mocking and SSH agent socket provider registry mocking as well, even if the basic key tests don't use this functionality. &lt;/pre&gt; tag:gitlist.org,2012:commit/b47aeba92dcb366450841a5f480f0d47d0cd4785 2026-02-08T13:40:06+01:00 Marco Ricci software@the13thletter.info <pre>Issue the correct error message when an SSH agent socket provider is specified via command-line options or via user configuration, but the socket provider does not appear in the registry. Previously, due to a technicality, this would be treated the same as the `SSH_AUTH_SOCK` environment variable missing, and would issue the same error message. This is, of course, blatantly false, and has now been corrected. &lt;/pre&gt; tag:gitlist.org,2012:commit/04d675f8ef255a5e68589a6a132490a424595216 2026-02-08T13:00:41+01:00 Marco Ricci software@the13thletter.info <pre>Add a designated entry `vault.ssh-agent-socket-provider` to the `derivepassphrase` main configuration and the new option `--ssh-agent-socket-provider` to the `derivepassphrase vault` command-line interface. These both specify a specific SSH agent socket provider to use, instead of the built-in default provider list. The command-line option has precedence over the user configuration. In complementary work, streamline the construction of SSH agent client contexts and the querying of configuration files in `derivepassphrase vault`'s main program: provide a `get_configured_connection_hint` for the former, and harmonize function signatures and call responsibilities for the latter. &lt;/pre&gt; tag:gitlist.org,2012:commit/1480df53a6ad1f89fb2a570eb7d38f5e10a06e03 2026-02-01T20:51:53+01:00 Marco Ricci software@the13thletter.info <pre>&lt;/pre&gt;