scripts/backtunnel-keys

#!/usr/bin/env bash
# backtunnel-keys: manage accessor-side keys
# Usage:
#   backtunnel-keys print         # print (and generate if missing) the public key
#   backtunnel-keys path          # print the private/public key paths

set -euo pipefail

KEY="$HOME/.ssh/id_ed25519_backtunnel"
PUB="$KEY.pub"

cmd="${1:-print}"

case "$cmd" in
  print)
    if [[ ! -f "$KEY" ]]; then
      ssh-keygen -t ed25519 -f "$KEY" -N "" -C "backtunnel" >/dev/null
    fi
    if [[ ! -f "$PUB" ]]; then
      echo "Missing public key $PUB" >&2; exit 1
    fi
    cat "$PUB"
    ;;
  path)
    echo "private: $KEY"
    echo "public : $PUB"
    ;;
  *)
    echo "Usage: $0 {print|path}" >&2
    exit 1
    ;;
esac
Add accessor key authorization and enhance completion logic Introduce `backtunnel-authorize` for managing restricted SFTP-only keys, and update `backtunnel-share` to support temporary accessor key authorization via `--allow-key` and `--allow-known`. Extend bash completion with profile, accessor, and SSH host suggestions. Revamp README sections to include updated workflows, quick starts, and key management details. 2025-09-20 17:17:26 +02:00			`#!/usr/bin/env bash`
			`# backtunnel-keys: manage accessor-side keys`
			`# Usage:`
			`# backtunnel-keys print # print (and generate if missing) the public key`
			`# backtunnel-keys path # print the private/public key paths`

			`set -euo pipefail`

			`KEY="$HOME/.ssh/id_ed25519_backtunnel"`
			`PUB="$KEY.pub"`

			`cmd="${1:-print}"`

			`case "$cmd" in`
			`print)`
			`if [[ ! -f "$KEY" ]]; then`
			`ssh-keygen -t ed25519 -f "$KEY" -N "" -C "backtunnel" >/dev/null`
			`fi`
			`if [[ ! -f "$PUB" ]]; then`
			`echo "Missing public key $PUB" >&2; exit 1`
			`fi`
			`cat "$PUB"`
			`;;`
			`path)`
			`echo "private: $KEY"`
			`echo "public : $PUB"`
			`;;`
			`*)`
			`echo "Usage: $0 {print\|path}" >&2`
			`exit 1`
			`;;`
			`esac`