Sendak make command needs to accept a path to private key material

[konklone]

A command to sendak make-me-a hubot will need to accept a path to a private key file on local disk. This key path will be shuttled through the system until ultimately needed by the project's own instrumentation (e.g. Fabric) to configure the deployed infrastructure.

[janearc]

do we want to have to require a path to a keyfile or do we want to trust that ssh-agent on the host understands that key?

fetch:sendak jane$ ssh-add -l
1024 7d:33:01:7e:97:55:b9:de:3b:cf:8d:d1:3b:ac:68:5f /Users/jane/.ssh/id_dsa (DSA)
2048 f0:e4:ad:98:ef:98:92:74:7b:ba:ef:97:04:dc:37:d4 /Users/jane/.ssh/jane-fetch-aws-root.pem (RSA)

[konklone]

Does that imply an .ssh/config file too? Without that, I'd think that every SSH connection would run through all added keys in sequence before finding one that works. I've had bugs with that behavior before, which is why I use IdentitiesOnly yes in my .ssh/config, which forces SSH to only try the specific named key.

[janearc]

No. ssh-agent looks, I think, in ~/.ssh for key files and adds them. I don't actually have any explicit configuration for it in ~/.bash_profile or in ~/.ssh/config.