trust_bad_line

Diagnostic `nanook::cli::trust_bad_line`

Summary

malformed signer line

Help

expected ssh-ed25519 <base64> [comment]. mint one with nanook keygen --kind signing. parse error: {1}

Details

When this fires

The argument passed to nanook self trust add or nanook plugins trust add was not a parseable SSH-style line. Same parser as [admin].authorized and the signing trust lists — anything that isn't ssh-ed25519 <base64> [comment] is rejected here so a corrupt entry never lands in nanook.toml.

What to check

Did you pass the .pub line, not the private half? cat ~/.nanook/signing/id_ed25519.pub is what you want.
If you piped the file, did you keep it whole? The line must be ssh-ed25519 <base64-blob> [comment] on a single line.
Was the algorithm right? Only ssh-ed25519 is accepted. RSA / ecdsa / dsa keys are rejected by design.

# easiest path: pass the file directly
nanook self trust add ~/.nanook/signing/id_ed25519.pub