Description
Feature suggestion
I would like to have the ability to not expose the SSH clone URL to anonymous visitors (not signed in).
Why?
People capable of cloning via SSH must provide their public key and hence they are most likely registered members (or some member is sharing his/her account.
On the other hand, an anonymous visitor can't do anything useful with this URL.
Why not?
You might argue that you are not necessarily signed, maybe don't have your two-factor device on hand, but just want to fetch the URL to push via SSH. So it depends on custom needs and workflows.
My suggestion
Add a boolean configuration flag like SSH_EXPOSE_ANON (default true, so it's opt-out), which is checked on markup generation.
I have hardcoded this in a fork project (simply added .IsSigned to the 3 relevant templates), works like a charm. If this change is welcome, I'm willing to provide a complete PR on that.