I'm the core maintainer of a plugin named Formataway, and I've a deployment script so I can keep using my Git repository without worrying about all the SVN stuff that I need to do to get my updates onto the plugin repository.
I found this very useful so I wrote a guide on it to help others.
However after some time I've become rather uncomfortable with having to keep variables like $SVN_PASSWORD online for such deployment scripts to operate. In a collaborative situation, that passport will be visible to all team members, and that's not good. So comes my question:
Is there some form of SSH keying with the WordPress plugin repository that I can use to give a server permission to push commits without needing to store and communicate a password?
GitHub for instance allows you to specify a list of publish SSH keys which can then communicate over that protocol instead of with HTTP authentication. The SSH keys look something like:
ssh-rsa [ REDACTED ]