0.3.0

Added

• Clifton now supports certificate response version 3.
• Add option to automatically write the SSH config on a successful auth using clifton auth --write-config=true (PR #139). Thanks to David Llewellyn-Jones (@llewelld).

Fixed

• Quote paths in config files. This is required for paths which have spaces in them.
• Allow --config-file to be passed at any level of subcommands.
• Allow clifton clear-cache to work if cache directory is missing.
• Only notify to write config if a change is detected.
• Store the absolute path of passed identity files, rather than their relative position from where auth was run (Issue #98).

Changed

• Retrieve OIDC client ID from the CA rather than setting it in the config. Requires version 0.3 of Conch.
• Make the clifton ssh-command command hidden.

0.2.0

Changed

• Use the new Conch CA
• Only write the SSH config if the contents has actually changed.
• Shorten the timeout for version check to 5 seconds.

0.1.4

Added

• Notify when a new version of Clifton has been released.
• Add hidden command clifton clear-cache to delete the cache folder.

0.1.3

Added

• Allow disabling the QR code display

0.1.2

Fixed

• Provide a better error message when passing an old format RSA key.

0.1.1

Added

• Print how long the certificate is valid for when downloaded.
• Fall back to a wider range of default identities.
• Add ability to disable opening the browser for authentication. Pass --browser=false to the clifton auth or set open_browser = false in the config file.
• Warn if using an unencrypted private key.

Fixed

• Allow tilde in arguments.
• Don't fail if browser cannot be opened.

0.1.0

Added

• Initial release