- be explicit and expect only ssh-dss or ssh-rsa keys
- allow any character (even line breaks and whitespace) in the optional comment,
but shrink all of them to simple spaces (fixes issue 679)
- test the newly uploaded key against existing keys only by the base key data,
not the fully uploaded string (that might contain a changed comment line or
the like) to avoid duplicates; also only check the keys of the user for
duplicates, not all existing keys in the forge (if for whatever reason two
user accounts share a key)