You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[This is the first of a few quality-of-life feature Issues I'm going to file today. I hope they make sense :-)]
Everyone has at least a few non-private-keys in their .ssh directory, from pubkeys to ssh config to authorized_keys files. Right now, on encrypt and decrypt operation, agebox's output is really messy, which obscures the important detail about what it's actually doing.
Here's a screenshot of it in action ... (NB there is no problem with seemingly valid private keys being reported as invalid, here. That's expected in my setup, and is not part of the issue I'm reporting here!)
I think it would be really useful if:
operations that don't need private keys (e.g encrypt/reencrypt) shouldn't report these warnings at all
operations that need private keys (decrypt) only report these warnings if given a --verbose flag.
I note that, with a default keys/ directory in a repo that's properly populated with public keys, the encrypt operation still reports all the files it couldn't parse in ~/.ssh. To my mind, adhering to agebox's default setup should be a signal to the tool that I don't want it to go looking in ~/.ssh during encryption!
I am aware that flags and envvars can be used to teach agebox more detail about my setup :-) I still think the default logging is too noisy and, in the case of re/encrypt, it's flat out wrong to report private key "problems", at any log level!
The text was updated successfully, but these errors were encountered:
Hi 馃憢 Thanks for making a really useful tool!
[This is the first of a few quality-of-life feature Issues I'm going to file today. I hope they make sense :-)]
Everyone has at least a few non-private-keys in their .ssh directory, from pubkeys to ssh config to authorized_keys files. Right now, on encrypt and decrypt operation, agebox's output is really messy, which obscures the important detail about what it's actually doing.
Here's a screenshot of it in action ... (NB there is no problem with seemingly valid private keys being reported as invalid, here. That's expected in my setup, and is not part of the issue I'm reporting here!)
I think it would be really useful if:
encrypt
/reencrypt
) shouldn't report these warnings at alldecrypt
) only report these warnings if given a--verbose
flag.I note that, with a default
keys/
directory in a repo that's properly populated with public keys, theencrypt
operation still reports all the files it couldn't parse in~/.ssh
. To my mind, adhering to agebox's default setup should be a signal to the tool that I don't want it to go looking in~/.ssh
during encryption!I am aware that flags and envvars can be used to teach agebox more detail about my setup :-) I still think the default logging is too noisy and, in the case of
re/encrypt
, it's flat out wrong to report private key "problems", at any log level!The text was updated successfully, but these errors were encountered: