Less code duplication in the ssh handlers - refactor simplegit/simplehg and reuse _check_locking_state and others.
BaseSSHHandler: why commit?
Logging / debugging with normal log module ... or just use stderr? Need for logging of ssh commands - perhaps something like the celeryd.log.file config setting.
Why this .handle() on the handlers?
We should show both http and ssh clone url (cleaner than https://bitbucket.org/oyarzun/kallithea/commits/af19ab7c4c5cc9807f06dedff9722236e164659f )
Perhaps better use of forms with validation for adding new keys.
DB upgrade is fine but should be cleaned up and simplified.
Tests (at least at high level validate that authorized_keys actually is generated correctly and that the handler works for both hg and git)
Why this 'seen' thing on ssh keys - why not have it as a general feature, also for normal login and for api keys?
Why no expiration as we have on api keys?
Server error on push when eol extension enabled.