manizzle

# Our product relies on SSH for authentication and transport in various parts
# of the app. Most operations generate a certificate with particular
# restrictions to constrain what the user can do once they're authenticated to
# the SSH portal.

# The Core API would be making the permission decisions (i.e.
# what force command to use, whether to allocate port forwarding), and this
# module is responsible for providing a corresponding SSH Certificate.

# For example: DB Tunnel operations are allowed to port-forward, but they're