This repository was archived by the owner on Mar 1, 2025. It is now read-only.
Utilities for storing and loading SSH keys with 1password
4
+
5
+
## Usage
6
+
7
+
Note that interactive execution is not supported for any of these scripts, since `op signin` is required for all scripts and itself requires interactive password input.
8
+
9
+
### Create a new SSH item in the vault
10
+
11
+
$ ./op-create-identity -H <hostname>
12
+
13
+
Create a new vault item associated with the given host and the current username, generating a new SSH key specifically for that user on that host. It then optionally registers the new key for immediate local use.
14
+
15
+
- Use `-u user` to log into the host as `user` rather than your current username. `-H hostname` should NOT be given in `user@host` format right now because I don't know quite enough sed magic to parse things like that.
16
+
- Use `-i ~/.ssh/id_rsa` to use an existing keypair, `~/.ssh/id_rsa` and `~/.ssh/id_rsa.pub`, instead of generating a new keypair.
17
+
18
+
### Pull all SSH items in the vault for use locally
19
+
20
+
$ ./op-add-identities
21
+
22
+
Search for SSH key items in your vault and read them all into temporary storage. Public and private keys will be saved to `/tmp/op-ssh-utils/keys` with appropriate permissions, and an SSH config file will be saved to `/tmp/op-ssh-utils/ssh_config` which can be included from your personal SSH config (usually `~/.ssh/config`) via `Include /tmp/op-ssh-utils`.
23
+
24
+
### Remove all local SSH credentials
25
+
26
+
$ rm -r /tmp/op-ssh-utils
27
+
28
+
# Todos
29
+
30
+
- Find a better place to store keys locally (is /dev/shm appropriate?) + allow user to customize that location
31
+
- Use a different temporary location to allow multiple users on the same system to use the tool (random folder names in the folder symlinked to `~/.local` or something? maybe just make it a bashrc script that automates adding the `Include` rule to the user's SSH config without requiring a persistent directory name across logins?)
32
+
- Better vault item searching/handling, customization of the item template
33
+
- Guidance for adding items to 1Password manually so that this tool can pick them up
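Review bot: the "Pull all SSH items in the vault for use locally" section puts private keys and a generated `ssh_config` under the fixed, shared path `/tmp/op-ssh-utils`, and then asks the user to `Include` that location from `~/.ssh/config`. On a multi-user host, whoever creates that directory first owns it, so another account could read or replace what gets written there, including the config file that SSH will load. The Todos already point at this. I would resolve it before documenting the workflow: create a per-user directory with mode 0700 (for example under `$XDG_RUNTIME_DIR`, or one made with `mktemp -d`), and have the script refuse to write if the directory exists and is not owned by the current user. Two smaller documentation points in the same hunk: the text says the config is saved to `/tmp/op-ssh-utils/ssh_config` but the suggested directive is `Include /tmp/op-ssh-utils`, which names the directory rather than the file; and the Usage note says "interactive execution is not supported" while the reason given (`op signin` needs password input) suggests non-interactive execution is what is meant. The "Remove all local SSH credentials" step should also mention that keys already loaded into an agent, if the optional registration in `op-create-identity` does that, are not cleared by `rm -r`.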