Skip to content
Please note that GitHub no longer supports your web browser.

We recommend upgrading to the latest Google Chrome or Firefox.

Learn more

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Allow storage of SSH private keys in LastPass, and use lpass CLI to retrieve and load into ssh-agent. The general idea is to store the private key armored ASCII in an "SSH Key" Secure Note, in a specific folder (i.e.: "Secure Notes\SSH" ).
#!/bin/sh
#
# Import all SSH keys from LP
#
PREFIX=~
SSH_ASKPASS=$PREFIX/bin/lp-askpass.sh
export SSH_ASKPASS
# This is needed to force ssh-add to honor our SSH_ASKPASS.
DISPLAY=foo
export DISPLAY
CONTAINER="Secure Notes\SSH"
# For some reason, lpass ls includes the folder's ID
CONTAINER_ID=4532168026
for key_id in `lpass ls "${CONTAINER}" | grep -v $CONTAINER_ID | awk '{print substr($4, 0, length($4))}'`; do
KEY_ID=$key_id
export KEY_ID
# lpass currently doesn't have a way of displaying individual fields from
# an "SSH Key" Secure note. So here we grep everything but the final Notes field,
# that has the ASCII armor private key with a leading carriage return
# setsid is needed to force ssh-add to honor our SSH_ASKPASS.
$PREFIX/lpass show --notes $key_id | setsid ssh-add /dev/stdin
done
#!/bin/sh
PREFIX=~/bin
if [ -z "$KEY_ID" ]; then
exit 1
fi
$PREFIX/lpass show --field Passphrase $KEY_ID
@bcopeland

This comment has been minimized.

Copy link

commented Mar 18, 2015

Cool idea - here's my version for 0.5.0:

https://gist.github.com/bcopeland/3cabf6ff3fe94fcbd566

@bcopeland

This comment has been minimized.

Copy link

commented Mar 18, 2015

Also - would be good to know why it shows container id - could you post a snippet of your 'lpass ls' output?

@davidblewett

This comment has been minimized.

Copy link
Owner Author

commented Mar 19, 2015

riva% lpass ls "Secure Notes\SSH"
Secure Notes\SSH
    ckb.privkey [id: 4535886926]
    id_rsa_csoc [id: 4535876406]
    id_rsa_cs [id: 4535866126]
    id_dsa [id: 4535830506]
    csoc-prod [id: 4532240616]
 [id: 4532168026]

riva% lpass ls "Secure Notes\SSH" | less
 [id: 4532168026]
Secure Notes\SSH/csoc-prod [id: 4532240616]
Secure Notes\SSH/id_dsa [id: 4535830506]
Secure Notes\SSH/id_rsa_cs [id: 4535866126]
Secure Notes\SSH/id_rsa_csoc [id: 4535876406]
Secure Notes\SSH/ckb.privkey [id: 4535886926]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.