clawdie-iso

History

Sam & Claude 3a2228a6b7 feat(enable-mother): publish colibri pubkey to Vaultwarden for hive auth Vault-mediated key exchange (direction B — we call mother). After ensuring the colibri SSH identity, enable-mother now upserts the pubkey into Vaultwarden as `hive-pubkey-<hostname>` (via bw, run as root so it can read the BW_* bootstrap creds from provider.env). Mother's mother-sync-hive-keys rebuilds its authorized_keys from these items, so no operator copy-paste between machines. The printed pubkey + restricted command= line remain as a manual fallback when the vault publish is unavailable. Uses the bitwarden-cli-vault skill's session+upsert pattern. sh -n clean; embedded JSON/id-extraction tested. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-21 20:18:27 +02:00
..
operator-session	feat(enable-mother): publish colibri pubkey to Vaultwarden for hive auth	2026-06-21 20:18:27 +02:00

Sam & Claude 3a2228a6b7 feat(enable-mother): publish colibri pubkey to Vaultwarden for hive auth

Vault-mediated key exchange (direction B — we call mother). After ensuring the
colibri SSH identity, enable-mother now upserts the pubkey into Vaultwarden as
`hive-pubkey-<hostname>` (via bw, run as root so it can read the BW_* bootstrap
creds from provider.env). Mother's mother-sync-hive-keys rebuilds its
authorized_keys from these items, so no operator copy-paste between machines.

The printed pubkey + restricted command= line remain as a manual fallback when
the vault publish is unavailable. Uses the bitwarden-cli-vault skill's
session+upsert pattern. sh -n clean; embedded JSON/id-extraction tested.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-21 20:18:27 +02:00

operator-session

feat(enable-mother): publish colibri pubkey to Vaultwarden for hive auth

2026-06-21 20:18:27 +02:00