Copilot AI commented Jan 29, 2026

Description

The keystore is referenced in management.md but lacked dedicated user documentation. Users couldn't discover supported key types (RSA, X25519, WiFi PSK, WireGuard PSK) or usage patterns without exploring YANG models.

Also in this PR is a "revert" of the augments and deviations made earlier in this release cycle to ietf-keystore. The changes now amount to adding new identities only, keeping the IETF yang model intact and compatible with other models.

To aid with the UX of working with 'type binary' settings like cleartext-symmetric-key, the CLI helper change has been expanded to allow users to enter a WiFi passphrase without showing it to anyone peeking over their shoulder.

Support for an admin-exec level wireguard <genkey | genpsk> command has also been added to aid users setting up Wireguard tunnels. The do prefix is really useful in such cases.

Checklist

Tick relevant boxes, this PR is-a or has-a:

  • Bugfix
    • Regression tests
    • ChangeLog updates (for next release)
  • Feature
    • YANG model change => revision updated?
    • Regression tests added?
    • ChangeLog updates (for next release)
    • Documentation added?
  • Test changes
    • Checked in changed Readme.adoc (make test-spec)
    • Added new test to group Readme.adoc and yaml file
  • Code style update (formatting, renaming)
  • Refactoring (please detail in commit messages)
  • Build related changes
  • Documentation content changes
    • ChangeLog updated (for major changes)
  • Other (please describe):
Original prompt

This section details on the original issue you should resolve

<issue_title>Missing documentation for Infix keystore</issue_title>
<issue_description>### Current Behavior

Infix management documentation refers to the keystore as part of the SSH section, but there is no user documentation on the Infix keystore and how to use it.

As a minimum, the existing functionality should be documented. Perhaps there should also be additional functionality, but that would render a new issue (or the title of this issue should be changed).

The following functionality is available for configuration

admin@example:/config/> edit keystore
admin@example:/config/keystore/> help
  asymmetric-key                    An asymmetric key.
  symmetric-key                     A symmetric key.
admin@example:/config/keystore/>

The current online help is sparse, and I cannot say if it is correct

admin@example:/config/keystore/> help asymmetric-key 
NAME
        name <string>

DESCRIPTION
        An arbitrary name for the asymmetric key.

admin@example:/config/keystore/> help symmetric-key 
NAME
        name <string>

DESCRIPTION
        An arbitrary name for the symmetric key.

admin@example:/config/keystore/>

This is what the config output looks like on infix default (qemu).

admin@example:/config/keystore/> show
asymmetric-keys {
  asymmetric-key genkey {
    public-key-format ssh-public-key-format;
    public-key MIIBCgKCAQEAm6uCENSafz7mIfIJ8O.... AQAB;
    private-key-format rsa-private-key-format;
    cleartext-private-key MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYw...b7dyPr4mpHg==;
  }
}


admin@example:/config/keystore/>

Expected Behavior

User documentation for the keystore could perhaps be put in separate file like "doc/keystore.md".
It could contain rudimentary information on how it works, and an example of how to use it.

Steps To Reproduce

Not applicable

Additional information

None</issue_description>

<agent_instructions>This is a documentation-only change, so please add [skip ci] to the commit message(s).</agent_instructions>

Comments on the Issue (you are @copilot in this section)



Copilot AI changed the title from "[WIP] Add documentation for Infix keystore usage" to "Add keystore documentation" Jan 29, 2026
Copilot AI requested a review from troglobit January 29, 2026 20:35
@troglobit troglobit requested review from jovatn and removed request for troglobit January 29, 2026 20:39
@troglobit troglobit marked this pull request as ready for review January 29, 2026 20:39
@troglobit troglobit force-pushed the copilot/add-infix-keystore-documentation branch from d74a6bb to f44dd91 Compare January 30, 2026 10:06
@troglobit troglobit requested a review from mattiaswal January 30, 2026 10:48
@troglobit troglobit force-pushed the copilot/add-infix-keystore-documentation branch from 35749cd to 4e71656 Compare January 31, 2026 17:55
@troglobit troglobit changed the title from "Add keystore documentation" to "Keystore refactor and documentation" Jan 31, 2026
@troglobit troglobit added this to the Infix v26.01 milestone Feb 1, 2026
@troglobit troglobit requested a review from wkz February 1, 2026 11:39
@troglobit troglobit force-pushed the copilot/add-infix-keystore-documentation branch 2 times, most recently from c00ec33 to e337ad0 Compare February 1, 2026 16:10

Infix key format identities now derive from the IETF bases, so the standard
identityref accepts them without any need for deviations.  This also preserves
the nacm default rules, which were inadvertently dropped before.

Also rename format identities for generality:

 - wifi-preshared-key-format      -> renamed: 'passphrase-key-format'
 - wireguard-symmetric-key-format -> use IETF 'octet-string-key-format'

Since cleartext-symmetric-key is now type binary (base64-encoded), the
WiFi backends (station and AP) decode values before passing them to
wpa_supplicant and hostapd.

Signed-off-by: Joachim Wiberg <[email protected]>

This update brings new support for editing cleartext-symmetric-keys with
the 'change' command.  The cleartext-symmetric-key is of type binary and
its use differs between different key-formats.

Signed-off-by: Joachim Wiberg <[email protected]>

Helper command to improve the UX for setting up Wireguard tunnels.

Signed-off-by: Joachim Wiberg <[email protected]>

Since the WiFi passphrase is base64 encoded in the keystore configuration it's
quite difficult for a human to check what the password is.  This commit adds
support for showing it in actual cleartext for admin level users from the
admin-exec context using 'show interface wifiN' (details view).

Signed-off-by: Joachim Wiberg <[email protected]>
@troglobit troglobit force-pushed the copilot/add-infix-keystore-documentation branch from e337ad0 to d87ae9c Compare February 1, 2026 20:04
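
The commit messages above say cleartext-symmetric-key is now type binary (base64-encoded) and that its use differs between key formats. The following is an added example, not code from this PR or from Infix, of encoding a value for such a leaf and of the strict decode-and-validate step a consumer needs before handing it on. The function names are hypothetical, and treating an 'octet-string-key-format' value as a 32-byte WireGuard preshared key is an assumption.

```python
import base64
import binascii

# Key-format identity names as written in the commit message above.
PASSPHRASE = "passphrase-key-format"
OCTET_STRING = "octet-string-key-format"


def encode_key(raw: bytes) -> str:
    """Encode raw key bytes the way a YANG 'binary' leaf carries them."""
    return base64.b64encode(raw).decode("ascii")


def decode_key(value: str, key_format: str) -> bytes:
    """Decode a cleartext-symmetric-key value and check it fits its format."""
    try:
        # validate=True rejects characters outside the base64 alphabet, so a
        # passphrase pasted in as plain text fails instead of decoding to junk.
        raw = base64.b64decode(value, validate=True)
    except binascii.Error as err:
        raise ValueError(f"not valid base64: {err}") from None

    if key_format == PASSPHRASE:
        # WPA-Personal passphrase: 8..63 printable ASCII characters.
        if not 8 <= len(raw) <= 63:
            raise ValueError("passphrase must be 8..63 characters")
        if any(b < 0x20 or b > 0x7E for b in raw):
            raise ValueError("passphrase must be printable ASCII")
    elif key_format == OCTET_STRING:
        # Assumption: the value is a WireGuard preshared key (32 raw bytes).
        if len(raw) != 32:
            raise ValueError("WireGuard PSK must be exactly 32 bytes")
    else:
        raise ValueError(f"unsupported key format: {key_format}")
    return raw


if __name__ == "__main__":
    # Constructed sample values, not taken from any real configuration.
    stored = encode_key(b"password")
    print(stored, decode_key(stored, PASSPHRASE))
    psk = encode_key(bytes(32))
    print(psk, len(decode_key(psk, OCTET_STRING)))
```

The decoded bytes are the secret itself: base64 only makes the binary leaf printable, so read access to the configuration remains what protects the key.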
Development

Successfully merging this pull request may close these issues.

Missing documentation for Infix keystore