Brian Hanson
531b3edcd2
The decrypt step in provision.sh was writing decrypted private keys directly into the source tree (system/clearpilot/dev/), leaving them as untracked files in the repo. Now decrypts to a mktemp dir, copies to the SSH dir, and cleans up. Also added ed25519 key paths to .gitignore to match the existing id_rsa entries. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>