pocketenv/sshkeys

Manage SSH key pairs attached to a sandbox.

The private key is encrypted client-side with the server’s public key before transmission and is never returned in plaintext. A redacted display value is stored alongside so users can recognise which key is configured without exposing the full value.

Types

SshKeys

</>

SSH key pair stored in a sandbox. private_key is the encrypted ciphertext; public_key is plaintext; redacted is a display-safe version of the original private key.

pub type SshKeys {
  SshKeys(
    private_key: String,
    public_key: String,
    redacted: String,
  )
}

Constructors

SshKeys(
  private_key: String,
  public_key: String,
  redacted: String,
)

Values

get

</>

pub fn get(
  sb: sandbox.ConnectedSandbox,
) -> Result(option.Option(SshKeys), pocketenv.PocketenvError)

Retrieves the stored SSH keys for the sandbox, if any.

Example

let assert Ok(keys) = sb |> sshkeys.get()

put

</>

pub fn put(
  sb: sandbox.ConnectedSandbox,
  private_key: String,
  public_key: String,
) -> Result(Nil, pocketenv.PocketenvError)

Stores an SSH key pair, encrypting private_key before transmission. A redacted display value is computed automatically.

Example

let assert Ok(Nil) = sb |> sshkeys.put(private_key, public_key)