By default, Carthage generates its own non-password-protected ssh key and sets up an ssh agent that uses that key. Also, Carthage always includes its own non-password-protected ssh key in any authorized_keys file it generates.
That's a reasonable appproach for testing, but not good when Carthage is used for IAC work.
In IAC work you might well want to work with an existing ssh-agent, and you might well not want to include non-password-protected keys in authorized keys files.
This is a little tricky at the API layer because several operations hang off SshKey, and at least unless the API changes, you probably want an SShKey object from which to rsync even if Carthage doesn't use its own key.
By default, Carthage generates its own non-password-protected ssh key and sets up an ssh agent that uses that key. Also, Carthage always includes its own non-password-protected ssh key in any authorized_keys file it generates. That's a reasonable appproach for testing, but not good when Carthage is used for IAC work. In IAC work you might well want to work with an existing ssh-agent, and you might well not want to include non-password-protected keys in authorized keys files. This is a little tricky at the API layer because several operations hang off SshKey, and at least unless the API changes, you probably want an SShKey object from which to rsync even if Carthage doesn't use its own key.