ssh-key should allow to select the SSH key type (signing or authentication)

[koide]

Describe the feature or problem you’d like to solve

gh ssh-key add adds keys with type "authentication key" only. There is no way to submit them as "signing key"s

Proposed solution

Add a second parameter in addition to the title parameter to specify the key type.

gh ssh-key list should ideally also be modified to show the key type

Additional context

This allows for signature verification with SSH keys. Currently the only solution that I could find was to upload the key in the UI to select the key type

Ref: https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#ssh-commit-signature-verification

[vilmibm]

This feels like a perfectly natural thing to add. ssh-key add should accept a --type flag that defaults to "authentication" but should accept "signing." and ssh-key list should differentiate between types as @koide suggests.

[kousikmitra]

Is this open for community? @vilmibm

[kousikmitra]

I have raised a PR for adding signing ssh key here #7270

Faced one issue while implementing the list command, as both the api for listing singing key needs a different scope. If any of the api fails due to insufficient permission, should it return with the error or ignore the error and print result of the other api?

[vilmibm]

Thanks for asking. I think the appropriate thing here is to list what you can and use a warning to say that one of the endpoints needs a new scope with a suggestion to run gh auth refresh -s<new scope>. The warning can come before or after the list; preferably after.

If neither endpoint is accessible, this should be an error with a suggestion to run gh auth refresh -s<both scopes needed for listing keys>

does that make sense?

[kousikmitra]

Yeah sounds good. I will add the changes and let you know.

[Hanooona]

N