Expose gitlab auth token in SSH API

Description

Using ssh-agent / ssh for auth is great, and recently, a new MR setup gitlab-shell so it can be used as 2FA. In our office, we used a patched version of gitlab & gitlab-shell that is now broken.

• gitlab-hq private_token exposure MR 7153
• gitlab-shell new command user MR 103

That is now broken because of modifications applied by the gitlab-shell / 2FA modifications. While it's trivial to update our fork, i"d like to have some advices from gitlab-hq team

• would this feature be accepted (merged) in gitlab-hq & gitlab-shell trunk?
• If no, how would you achieve this ?
• do you think there is a security flow in this process (we think it's okay) ?

Proposal

I'll modify Gitlab to expose private_token in the /discover API I'll modify gitlab-shell to allow "user" as a valid command