Add the private key's passphrase as a field to the SSH key item

smanojkarthick
smanojkarthick
Community Member
edited May 2022 in SSH

Currently, there's no option to view the passphrase for the key in the item details. Would it be possible to store the passphrase along with the item? I currently store the passphrase as separate password entries within 1password, but having it alongside the key would be much more handy.


1Password Version: 8.6.0 80600028 (Nightly)
Extension Version: Not Provided
OS Version: macOS 12.0.1 21A559 arm64

Comments

  • @smanojkarthick Thanks for your feedback. Currently, importing a private key decrypts it and stores it in 1Password as an unencrypted key. The key is still encrypted by 1Password, but if you were to export it, it would export as an unencrypted OpenSSH key instead of the original format.

    Given that the passphrase is no longer needed for the key, would you still like to store it on the key? Thanks!

  • smanojkarthick
    smanojkarthick
    Community Member

    Thanks! Yeah, on machines where I can’t run the 1P app (server boxes), I’d still like to use 1Password as the source/storage for the SSH keys. My plan is to download and use the keys using the openssh agent + passphrase (which can hopefully be automated once the CLI v2 adds SSH key support).

  • jimeh
    jimeh
    Community Member

    For now I've solved/worked around this by exporting the private key and adding a passphrase to it (ssh-keygen -f ~/.ssh/id_ed25519 -p -a 100). Then adding the the encrypted id_ed25519 file as a file attachment to the SSH key entry in 1Password, along with a custom password field that holds the password for the attached file.

  • That's a great use case, @smanojkarthick, and I like @jimeh's solution. I could see doing this automatically would be helpful. Certainly something for us to consider.

    Thanks for sharing!

    ++dave;
    1Password Founder

This discussion has been closed.