Better handling of SSH keys
Comments
-
@jamesdh: I agree that it isn't as seamless as filling using the 1Password extensions, but I'm not having any trouble copying and pasting here. Is there a specific app you're using where pasting is problematic for some reason? Have you tried drag and drop? We can't offer "first class support" when it comes to filling in other iOS apps since there is no direct way to integrate on the platform; the iOS extensions framework is the only option. It seems odd to me that pasting would not work though, so I'd be interested to hear more about where you're running into trouble.
0 -
@brenty I just mean first class support in terms of interacting w/ SSH keys within 1Password. I'm well aware you can't support app-specific use cases, but an easier interaction within 1Password or 1Password Mini would go a long ways.
I did finally realize that on iOS if I go into a Secure Note, click Edit, and then Select All of the key, then it works. Without selecting Edit first, it couldn't select the entire note.
0 -
I'm here for the SSH key storage.
0 -
@diversityxdesign: Thanks for letting us know you'd like us to add support for SSH keys to 1Password! :)
@jamesdh: I really appreciate the additional details. That makes sense. I can't say we have plans to explicit support for SSH keys, but it sounds like some usability improvements to Secure Notes might help you and others as well. Thank you! :)
ref: OPI-4296
0 -
+1 on this too. Would be great to get integration with an app like Prompt 2, which already supports usernames/passwords from 1Password, but not SSH keys.
0 -
@alexreg - we hear you, loud and clear. SSH key management/use is different enough from what we're already doing with login management/use in 1Password that it's not simply a matter of "expanding" things, but when we have a little more breathing room, we'll be revisiting whether/how we can do this in a way that maintains our standards of security and provides a value for power-users without confusing newer users. Thanks!
0 -
@alexreg -- you're quite welcome! Though it may not feel like it if/when we don't adopt a suggestion that's made, we are truly grateful for every single bit of feedback we receive. It helps both keep us on our toes, remembering to push forward to make 1Password better, as well as reminds us of what the user-base wants. We won't always adopt every suggestion (indeed, it would be impossible as some suggestions directly contradict others!), but we will always listen gratefully, and many of the features you see in 1Password today DID in fact come at least in part from suggestions out of the user community. So, thanks for being awesome and taking the time to share your thoughts and your wishes for what you'd like to see in future versions. Have a great weekend!
0 -
I've been a 1Password advocate for a while but have now encouraged my team to move to LastPass because of their better handling of SSH keys (cf. https://www.koszek.com/blog/2015/12/07/using-lastpass-with-ssh/). I'd love to see 1Password improve on this front!
0 -
@giumartello: Thanks for sharing that article! I can barely find my way around a CLI tool (our own included), but I did pass it along to our CLI developers to see if it can serve as a helpful reference for bringing something similar to 1Password. As others in this thread have mentioned, we're absolutely looking for a way to improve this and op (what we call the CLI tool currently in beta) is a promising place to find that solution, but we just haven't found one we're happy with just yet. All the same, I did get eyes on it that will certainly see more than my own, so hopefully it will be of help. Thanks again for sharing and we'll keep working to see what we can come up with. :chuffed:
0 -
It'd be great to have improvements on this area
0 -
I'm having this issue as well. I have a few deployment keys that I want to store in my Server record in 1Password.
The notes field isn't practical, because I don't want the key to be visible and I want to store more than one key. The password field doesn't seem to support multiple lines.
I can use attachments, but I like to keep my items in sections and the fields are easier to copy.
It would be a great addition if you had an "encrypted note" or "hidden note" or "secret" field type that allows multiple lines.
It would solve another issue I have, often I want to store a password, but don't want to hit the generate password button by accident.
0 -
I'm having this issue as well. I have a few deployment keys that I want to store in my Server record in 1Password. The notes field isn't practical, because I don't want the key to be visible and I want to store more than one key. The password field doesn't seem to support multiple lines. I can use attachments, but I like to keep my items in sections and the fields are easier to copy. It would be a great addition if you had an "encrypted note" or "hidden note" or "secret" field type that allows multiple lines.
@Yvo: Thanks for the feedback! It really helps to have a sense of your use case, and why other options aren't a good fit for you. :)
ref: apple-498
It would solve another issue I have, often I want to store a password, but don't want to hit the generate password button by accident.
But I don't understand what you mean by this. Can you elaborate?
0 -
I have the same issue.
The Concealed and Generate states should be separated and exposed in the UI. Some "passwords" are generated outside 1Password's control, and should never have the option to be generated by 1Password. Yet they should be concealed. 1Password already stores these attributes separately, but the UI does not provide a means to use them. There should be an option to disable the password generator for an item.
Example: a safe deposit box passcode. I don't have control over this, but want it Concealed. Likewise SSH keys which are generated by another app. Or our home alarm code. Etc.
0 -
@brenty Yes, exactly what @MrC is describing.
Often we generate passwords outside of 1Password and you don't want to risk resetting them by accidentally hitting the generate button in 1Password. I've been switching a bit between Windows and MacOS, so I've been using my mouse to click the small Copy button to copy a password. When the item is in Edit mode, 1Password puts the Generate Password button on the same spot as the Copy button. Not a big issue, but like @MrC said, for some items you never want to use the Generate Password button.
I'm not sure how much work it would be for the 1Password dev team, but an extra field type "secret" would be great. It should support multiple lines, show **** when locked, and not have the Generate Password button.
1Password already seems to have a special field type for Credit Card verification number (isn't multiline though).
Another use case is for two factor authentication backup codes. When you turn on two factor auth. on Gmail, you get a list of 10 backup verification codes. I have to use the Note field for this right now, but I would rather have a multiline secret for this as well.
0 -
@brenty Thank you for sharing my comments with the team.
Do you outsource the work on the Mac version?
I didn't know that, I thought you guys were doing development on the Mac version in house.In the user interface you could probably solve this by showing a Notes field when the item is being edited and showing a field similar to the one being used for the Credit card verification number field when you display it.
0 -
Thank you for sharing my comments with the team.
@Yvo: You're very welcome! Thanks for sharing. :chuffed:
Do you outsource the work on the Mac version? I didn't know that, I thought you guys were doing development on the Mac version in house.
Wait, what? No! Everything we put out is developed by us here at AgileBits. I'm sorry some of my silliness gave you that impression. I suspect it was this:
It's always tough "spending Tim Cook's money", A.K.A. volunteering people other than ourselves for some work to be done
Sorry, this was a poor attempt at a nerd joke, referencing a podcast I rather like. What I meant is that you and I here having this conversation are sort of volunteering my my team mates here at AgileBits for working on this stuff. Sorry for the confusion I caused there!
In the user interface you could probably solve this by showing a Notes field when the item is being edited and showing a field similar to the one being used for the Credit card verification number field when you display it.
Yep! I think that makes good sense. I'd love to someday be able to have control over the size (lines at least) of some of these fields too.
0 -
It’s really shocking to hit the same problem - on iOS. I’m away on holiday with an iPad and discover that the ssh key I need which lives in 1P is not accessible on my iOS device.
0 -
I’m also sad to discover that the request dates back 2+ years... I really don’t know - saving passwords and login information is supposed to be your thing... an ssh key is a kind of login and this should be easy...? Sigh
I eventually realised that the download button does do something (not sure if you have to click on it the right way?) and you get a page with a share button - but sharing to copy doesn’t work you have to open it up in some other app (it took me a while to find one that did work - in my case GoodReader or WorkingCopy managed it). But this is really jumping through too many hoops. It should work straight in 1P.
0 -
@365nice: I don't understand what you're suggesting. I do store my own SSH keys in 1Password as both a Document and plaintext (in a Secure Note), and can access them on various devices if needed. I'm sorry for the trouble you're having, but it sounds like what you're struggling with is a limitation of iOS, not 1Password. :blush:
0 -
+1 for native/first class ssh-key support in 1Password. It'd also be handy if there was a way of supporting key art, which requires a monospaced font. Linking the keys to the 1Password server items where they are used would be useful too.
0 -
Could you please elaborate about what specifically you’d like for 1Password to do in regards to SSH keys that it doesn’t do now? Also: password fields do use a monospaced font I believe, so if you store the key part in a password field it would appear correctly.
Ben
0 -
I’d like to see an “ssh key” object (like login, server) which supports attaching the key files (public, private) as separate objects. Those objects would both allow the files to be downloaded, and copied directly onto the clipboard so they can be pasted when editing a file or filling a field. The two different keys, for example id_rsa and id_rsa.pub would have different icons so they were easily differentiated.
The ssh key object would allow other information to be stored, such as the key generation date, the passphrase, encryption algorithm (rsa, dsa, ecdsa etc), host name(s) etc. Storing the key art file such that it was easily accessible during a terminal session, such as a floating window that can be dragged around would be useful. Placing the key art into a password field might be possible (if it handles LF ok) but since the art is large, I don’t think that will be so amenable for actual usage.
It would be really nice if that key object could be linked to a server object so it was possible access them through that, search for which servers have which key and so on. I guess this introduces more of a hierarchy of items, which others might view as undesirable?
What would be especially neat would be for 1Password to link to the ssh keychain manager, so that unlocking a vault would allow injection of the private key into the keychain. Linking 1Password to some of the most popular ssh clients would be nice too - secure transfer of keys from 1Password to the client, bypassing the clipboard, would be really sweet.
Generation of key pairs directly in 1Password would be lovely too, including random pass phrase generation like password today.
I guess it is a big list, and I’m sure others will have different ideas, but this is the beginning of my ideal requirements.
0 -
@poshboy: We don't have plans currently to add more templates. We get asked for a lot of different ones and it just isn't feasible to add all of them. If we did, the app would be a mess too. I use Secure Notes for this, as that allows me to add custom fields and an icon, and Markdown support in version 7 allows me to format it nicely too. I do like the idea of being able to generate these in 1Password though. Perhaps that's something we could do someday. I don't think we're going to do anything with Keychain again though, as that was a bag of hurt. :)
0 -
As brenty mentioned it is unlikely at this point that we will add additional categories / templates to 1Password. We do have it on the wish list to make it such that customers can define their own templates, but I couldn’t say if or when this might happen. In the mean time this guide may be helpful:
Secure all the things in Secure Notes - AgileBits Blog
We do appreciate the feedback on this matter and hopefully in the future we can offer better tools to help address these needs for you.
Ben
0 -
+1 on having native support for ssh keys in 1password!
Basically I want http://sudolikeaboss.com/ but for 1password 70 -
Thanks for the feedback, @justinjuice10. :)
Ben
0
