Allow storage of SSH private keys in LastPass, and use lpass CLI to retrieve and load into ssh-agent. The general idea is to store the private key armored ASCII in an "SSH Key" Secure Note, in a specific folder (i.e.: "Secure Notes\SSH" ).
|
#!/bin/sh |
|
# |
|
# Import all SSH keys from LP |
|
# |
|
PREFIX=~ |
|
SSH_ASKPASS=$PREFIX/bin/lp-askpass.sh |
|
export SSH_ASKPASS |
|
# This is needed to force ssh-add to honor our SSH_ASKPASS. |
|
DISPLAY=foo |
|
export DISPLAY |
|
|
|
CONTAINER="Secure Notes\SSH" |
|
# For some reason, lpass ls includes the folder's ID |
|
CONTAINER_ID=4532168026 |
|
|
|
for key_id in `lpass ls "${CONTAINER}" | grep -v $CONTAINER_ID | awk '{print substr($4, 0, length($4))}'`; do |
|
KEY_ID=$key_id |
|
export KEY_ID |
|
# lpass currently doesn't have a way of displaying individual fields from |
|
# an "SSH Key" Secure note. So here we grep everything but the final Notes field, |
|
# that has the ASCII armor private key with a leading carriage return |
|
# setsid is needed to force ssh-add to honor our SSH_ASKPASS. |
|
$PREFIX/lpass show --notes $key_id | setsid ssh-add /dev/stdin |
|
done |
|
#!/bin/sh |
|
PREFIX=~/bin |
|
if [ -z "$KEY_ID" ]; then |
|
exit 1 |
|
fi |
|
|
|
$PREFIX/lpass show --field Passphrase $KEY_ID |
This comment has been minimized.
bcopeland commentedMar 18, 2015
Cool idea - here's my version for 0.5.0:
https://gist.github.com/bcopeland/3cabf6ff3fe94fcbd566