omegion / ssh-manager
SSH Key Manager for 1Password, Bitwarden and AWS S3.
Home Page: https://ssh-manager.omegion.dev
License: Apache License 2.0
Is your feature request related to a problem? Please describe.
I use Ubuntu Desktop, where the ssh-agent is managed by the gnome keychain, which only seems to auto-import ssh keys from .ssh and not any sub-directories.
Describe the solution you'd like
I'd like get to have a --directory flag (relative to .ssh), with the default set to "keys", so that I am able to tell it to not add keys to a sub-directory.
Describe alternatives you've considered
Currently I need to script moving the keys after getting them.
Explain any additional use-cases
n/a
Additional context
n/a
Describe the bug
Does not seem to work any more with bitwarden in any way
To Reproduce
Steps to reproduce the behavior:
bw login --check
ssh-manager list --provider bw
Expected behavior
Show list of ssh keys saved in bitwarden
Environment:
ssh-manager version: v0.16.0
Additional context
go version go1.18.1 linux/amd64
bw version 1.22.0
Ubuntu 22.04 LTS
Environment:
INFO[03-11-2021 13:48:01] ssh-manager 0.0.0
Expected Behavior:
Saving the ssh files to 1password
Actual Behavior:
Getting this error: Error: 'op create': Execution failed:
Steps to Reproduce:
installed go
ran go get -u github.com/omegion/ssh-manager
started the ssh-agent service
ran the following command:
ssh-manager add --name new-ssh-key --private-key C:\Users\username\.ssh\id_rsa --public-key C:\Users\username\.ssh\id_rsa.pub --provider op
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
github.com/aws/aws-sdk-go-v2, github.com/aws/aws-sdk-go-v2/config, github.com/aws/aws-sdk-go-v2/service/s3
Dockerfile
golang 1.19-alpine3.15
alpine 3.20
.github/workflows/build.yml
actions/checkout v4
mathieudutour/github-tag-action v6.2
softprops/action-gh-release v2
actions/checkout v4
docker/login-action v3
docker/setup-qemu-action v3
docker/setup-buildx-action v3
docker/build-push-action v6
actions/checkout v4
actions/setup-go v5
softprops/action-gh-release v2
.github/workflows/test.yml
actions/setup-go v5
actions/checkout v4
actions/setup-go v5
actions/checkout v4
actions/checkout v4
golangci/golangci-lint-action v6
go.mod
go 1.18
github.com/aws/aws-sdk-go-v2 v1.27.2
github.com/aws/aws-sdk-go-v2/config v1.27.18
github.com/aws/aws-sdk-go-v2/service/s3 v1.55.1
github.com/go-asset/build v0.0.1
github.com/golang/mock v1.6.0
github.com/omegion/cobra-commander v0.11.0
github.com/omegion/go-aws-v2-interface v0.3.0
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.8.1
github.com/stretchr/testify v1.9.0
k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0@fe8a2dddb1d0
Would it be possible to add the Windows binary to the releases as well as Linux + OS X?
Hopefully something like windows/amd64 would suffice according to 0-go-os-arch.md and go tool dist list
Describe the bug
1Password released a v2.x of their CLI, and introduced breaking changes in the commands, for instance now the commands are something like:
op item list --categories login --tags SSHKeys
instead of what ssh-manager currently expects:
op list items --categories login --tags SSHKeys
Below is the error when trying to run ssh-manager list:
❯ ssh-manager list --provider op
Error: 'op list': Execution failed: exit status 1: [ERROR] 2022/05/27 17:08:39 unknown command "list" for "op"
Usage: op [command] [flags]
Management Commands:
account Manage your locally configured 1Password accounts
connect Manage Connect instances and Connect tokens in your 1Password account
document Perform CRUD operations on Document items in your vaults
events-api Manage Events API integrations in your 1Password account
group Perform CRUD operations on the groups of users in your 1Password account
item Perform CRUD operations on the 1Password items in your vaults
user Manage users within this 1Password account
vault Manage permissions and perform CRUD operations on your 1Password vaults
Commands:
completion Generate shell completion information
inject Inject secrets into a config file
read Read a secret using the secrets reference syntax
run Pass secrets as environment variables to a process
signin Sign in to a 1Password account
signout Sign out of a 1Password account
update Check for and download updates.
Global Flags:
--account account Select the account to execute the command by account shorthand, sign-in address, account ID, or user ID. For a list
of available accounts, run 'op account list'. Can be set as the OP_ACCOUNT environment variable.
--cache Store and use cached information.
--config directory Use this configuration directory.
--debug Output debug logs. Can also be set using $OP_DEBUG environment variable.
--encoding type Use this character encoding type. Default: UTF-8. Supported: SHIFT_JIS, gbk.
--format string Use this output format. Can be 'human-readable' or 'json'. Can be set as the OP_FORMAT environment variable.
(default "human-readable")
-h, --help Get help for op.
--iso-timestamps Format timestamps according to ISO 8601 / RFC 3339. Can be set as the OP_ISO_TIMESTAMPS environment variable.
--no-color Print output without color.
--session token Authenticate with this session token. 1Password CLI outputs session tokens for successful 'op signin' commands when
biometric unlock is disabled.
Run 'op [command] --help' for more information on the command.
To Reproduce
Steps to reproduce the behavior:
ssh-manager
Expected behavior
Get/list the SSH Key items stored in 1Password
Environment:
ssh-manager version: INFO[27-05-2022 17:11:12] ssh-manager v1.0.0
Describe the bug
Several dependencies are out of date
Additional context
May be worthwhile implementing dependabot to automate updates.
version: 2
updates:
  - package-ecosystem: "docker" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
      interval: "daily"
  - package-ecosystem: "gomod" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
      interval: "daily"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      # Check for updates to GitHub Actions every weekday
      interval: "daily"
The workflow build.yml is referencing the action hashicorp/vault-action using reference v2.1.2. However, this reference is missing the commit 8417c61f8a8d628e128b8a7c128d177d1aff38db, which may contain a fix for some vulnerability.
The vulnerability fix that is missing from the action's version could be related to:
(1) a CVE fix
(2) an upgrade of a vulnerable dependency
(3) a fix for a secret leak, and others.
Please consider updating the reference to the action.
One last recommendation (honest!......probably!) for automated code coverage/security/pull requests that might be useful, would be Snyk.
If you aren't already aware of Snyk, it allows you to get notified about and potentially remediate security issues within your repos.
It's a good/easy way of dealing with multiple repos and code bases from a single location, and seeing what is causing the issues.
Please close this at your discretion.
Describe the bug
Issuing:
ssh-manager get --provider bw --name firstchars
will match entries
and therefore fail.
I believe an exact match is expected.
Expected behavior
exact match
Environment:
v1.2.0
macOS
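An exact-name selection of the kind this report asks for, as an added example that is not ssh-manager's own code. It assumes the lookup is a search such as `bw list items --search <name>` that prints a JSON array of items; `SelectExact`, `Item` and the sample data are hypothetical.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Item is the subset of a Bitwarden item needed to choose one entry.
type Item struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

var (
	ErrNotFound  = errors.New("no item with that exact name")
	ErrAmbiguous = errors.New("more than one item has that exact name")
)

// SelectExact (hypothetical helper) returns the single item in a search
// result whose name equals name; prefix and substring hits are ignored.
func SelectExact(raw []byte, name string) (Item, error) {
	var items []Item
	if err := json.Unmarshal(raw, &items); err != nil {
		return Item{}, fmt.Errorf("cannot parse item list: %w", err)
	}
	var hits []Item
	for _, it := range items {
		if it.Name == name { // case-sensitive equality, not a search match
			hits = append(hits, it)
		}
	}
	switch len(hits) {
	case 0:
		return Item{}, ErrNotFound
	case 1:
		return hits[0], nil
	default:
		return Item{}, fmt.Errorf("%w: %d matches for %q", ErrAmbiguous, len(hits), name)
	}
}

func main() {
	// Constructed sample: a search for "firstchars" returns three items.
	sample := []byte(`[{"id":"a1","name":"firstchars"},
		{"id":"b2","name":"firstchars-backup"},{"id":"c3","name":"firstchars2"}]`)
	it, err := SelectExact(sample, "firstchars")
	fmt.Println(it.ID, err)
}
```

Two items that share the exact name still produce an error, which is safer than silently picking one private key over another.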
Describe the bug
Unable to install ssh-manager
To Reproduce
Steps to reproduce the behavior:
go get -u github.com/omegion/ssh-manager
go get: installing executables with 'go get' in module mode is deprecated.
Use 'go install pkg@version' instead.
For more information, see https://golang.org/doc/go-get-install-deprecation
or run 'go help get' or 'go help install'.
Expected behavior
I expect to build ssh-manager locally as per README
Environment:
ssh-manager version:
Describe the bug
Adding a key via bw provider reports success, even though the key is not stored.
To Reproduce
Steps to reproduce the behavior:
bw lock
ssh-manager add --provider bw --name test123 --private-key bla --public-key bla.pub
time="xx-yy-2022 22:22:22" level=info msg="Manager Keys saved for test123."
Expected behavior
An error message, stating that the key could not be added.
Environment:
ssh-manager version: ssh-manager v1.1.0
Is your feature request related to a problem? Please describe.
Log out provider responses when logging level is debug.
Is your feature request related to a problem? Please describe.
Maybe it could be a good idea to check if the user has BW unlocked when running ssh-manager
Describe the solution you'd like
Throw an error to inform the user that the vault is locked instead of saying everything is fine
Additional context
#107 (comment)
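A pre-flight check of the kind requested here and in the earlier "reports success, even though the key is not stored" report, as an added example that is not ssh-manager's own code. It relies on `bw status` printing a JSON object whose `status` field is `unauthenticated`, `locked` or `unlocked`; `CheckStatus`, `EnsureUnlocked` and the sample output are hypothetical.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"os/exec"
)

// Sentinel errors so callers can tell "log in first" from "unlock first".
var (
	ErrUnauthenticated = errors.New("bitwarden: not logged in, run 'bw login'")
	ErrLocked          = errors.New("bitwarden: vault is locked, run 'bw unlock'")
)

// CheckStatus (hypothetical) maps `bw status` JSON to an error; only "unlocked" passes.
func CheckStatus(raw []byte) error {
	var s struct {
		Status string `json:"status"`
	}
	if err := json.Unmarshal(raw, &s); err != nil {
		return fmt.Errorf("bitwarden: cannot parse status output: %w", err)
	}
	switch s.Status {
	case "unlocked":
		return nil
	case "locked":
		return ErrLocked
	case "unauthenticated":
		return ErrUnauthenticated
	default:
		return fmt.Errorf("bitwarden: unexpected status %q", s.Status)
	}
}

// EnsureUnlocked (hypothetical) runs the CLI; call it before add, get or list.
func EnsureUnlocked() error {
	out, err := exec.Command("bw", "status").Output()
	if err != nil {
		return fmt.Errorf("bitwarden: 'bw status' failed: %w", err)
	}
	return CheckStatus(out)
}

func main() {
	// Constructed sample of `bw status` output for a locked vault.
	sample := []byte(`{"serverUrl":null,"userEmail":"user@example.com","status":"locked"}`)
	fmt.Println(CheckStatus(sample))
}
```

Failing closed on unknown or unparseable output matters here: a tool that handles private keys should not log "saved" unless the provider confirmed the write.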
I manage all my passwords in Bitwarden (in a self-hosted Vaultwarden instance) and really like the idea of storing SSH-keys there as well. As I don't always want to import both public and private keys I would like to see an option to define type to handle. This would allow to only retrieve public keys from Bitwarden on a new "server" as well as importing all the stored private keys on a new workstation.
I suggest to add the following four commands to work only with the respective keys (which are self explanatory about what they should do I hope)
add-public --name --public-key
add-private --name --private-key
get-public --name
get-private --name
A bonus command which would ease setting up new servers even further would be the following:
import-public --name --target[-file]
This command should retrieve only the public key (regardless if only a public-key or a public/private key pair is stored) from Bitwarden and append it to the given target-file