### Proposal GitLab expects new SSH keys with the format `keytype, base64-encoded key, comment`. However, [`sshd(8)#AUTHORIZED_KEYS_FILE_FORMAT`](https://man.archlinux.org/man/sshd.8#AUTHORIZED_KEYS_FILE_FORMAT) allows additional options, like `verify-required` and `no-touch-required` in the format: `options, keytype, base64-encoded key, comment` (with options being optional). The option `no-touch-required` is required for FIDO2/U2F keys generated with the option no-touch-required to not require a touch verification on each SSH authentication and therefore my key always get declined by GitLab without that option. It would be very nice to allow prepend the option in the SSH add form (https://codeberg.org/user/settings/keys). For example this is a line in my `authorized_keys` for my machines: ``` no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIqB47mxdo+mLFKxncPu8fA6jrKeVrBwCQ1Hoylr1n7kAAAAC3NzaDpnZW5lcmFs nk3 ``` I think setting `no-touch-required` by default would be wrong and is a potential security risk. <!-- Label reminders Use the following resources to find the appropriate labels: - Use only one tier label choosing the lowest tier this is intended for - https://gitlab.com/gitlab-org/gitlab/-/labels - https://about.gitlab.com/handbook/product/categories/features/ -->