Suggestion SSH agent capability within 1P

Ned
Ned
edited December 1969 in 1Password 3 – 7 for Mac
I'd like to be able to manage my SSH keys from within 1Password. Have a look at SSH Agent.

Comments

  • Nik
    Nik
    1Password Alumni
    edited December 1969
    Thanks, Ned, we appreciate the feedback.
  • MartyS
    MartyS
    Community Member
    edited December 1969
    Keep in mind that even without a specific template for SSH (or other) keys, you can always use a Secure Note to secure items like this. You may want to consider having any SSH key(s) be stored in the Notes field of an Accounts > Server category item too since you likely have other attributes about the same system to keep track of.
  • jpw
    jpw
    Community Member
    edited December 1969
    MartyS wrote:
    Keep in mind that even without a specific template for SSH (or other) keys, you can always use a Secure Note to secure items like this. You may want to consider having any SSH key(s) be stored in the Notes field of an Accounts > Server category item too since you likely have other attributes about the same system to keep track of.


    Although managing my ssh keys would be nice with 1Password, I'd be more interested in being able to use 1Password to store the passphrase for the private (encrypted) ssh keys.

    Right now, when I ssh from my Mac, I get a dialog box that pops up to ask for the passphrase. I'd like to somehow have ssh get that from 1Password.

    1Password doesn't have to be a full ssh agent to support this (although that would be slick) - SSH has a hook that you might be able to use already - the SSH_ASKPASS environment variable. It contains the path of the executable to run whenever an ssh passphrase is needed.

    Couldn't 1Password support ssh this way somehow?
  • Nik
    Nik
    1Password Alumni
    edited December 1969
    jpw wrote:
    Couldn't 1Password support ssh this way somehow?

    Not at this time, I'm sorry. 1Password only interacts with your web browsers for filling forms online, it cannot communicate with other applications. You can store this information in 1Password, but you would need to copy and paste it manually when needed.
  • gosmond
    gosmond
    Community Member
    edited December 1969
    You might be able to create this functionality by using some combination of user-interface scripting / macros, such as Stairways Software's "Keyboard Maestro," and/or Applescript.

    AgileWeb -- to enable communications with other apps, instead of focusing on (or fending off) requests for interaction with Application X, App Y, App Z, etc., you might consider making 1Password as script-friendly as possible, building in comprehensive support for Automator, Applescript, or other external, user-customizable scripting frameworks.

    That would allow advanced users to build the functionality they want, for example automating SSH logins (or any other login) through Terminal.app, or database logins in Filemaker Pro, etc. etc.
  • sjk
    sjk
    1Password Alumni
    edited December 1969
    jpw wrote:
    Right now, when I ssh from my Mac, I get a dialog box that pops up to ask for the passphrase. I'd like to somehow have ssh get that from 1Password.

    Not a 1P-based solution, but …

    SSHKeychain (a superior replacement for SSH Agent, IMO) can store ssh passphrases in Apple's Keychain. Also, from the Does SSHChain work on Mac OS X 10.5 (Leopard)? FAQ:

    Yes, but you don't need it in Leopard. In Mac OS X 10.5, Apple has provided built-in integration of ssh-agent with the keychain.
  • Nik
    Nik
    1Password Alumni
    edited December 1969
    gosmond wrote:
    AgileWeb -- to enable communications with other apps, instead of focusing on (or fending off) requests for interaction with Application X, App Y, App Z, etc., you might consider making 1Password as script-friendly as possible, building in comprehensive support for Automator, Applescript, or other external, user-customizable scripting frameworks.


    This is disabled because our developers have concerns about AppleScript's security.
This discussion has been closed.