Merge pull request #45 from joaojacome/cargomaster

Improved documentation, changed link to archived Bitwarden CLI, fixed subprocess login check
This commit is contained in:
Joao Jacome 2023-07-17 11:39:02 +01:00 committed by GitHub
commit 3e43873541
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 3 deletions

View file

@ -1,9 +1,12 @@
# Bitwarden SSH Agent # Bitwarden SSH Agent
## Requirements ## Requirements
* You need to have the [Bitwarden CLI tool](https://github.com/bitwarden/cli) installed and available in the `$PATH` as `bw`. * You need to have the [Bitwarden CLI tool](https://bitwarden.com/help/cli/) installed and available in the `$PATH` as `bw`. See below for detailed instructions.
* `ssh-agent` must be running in the current session. * `ssh-agent` must be running in the current session.
## Installation
Just save the file `bw_add_sshkeys.py` in a folder where it can by found when calling it from the command line. On linux you can see these folders by running `echo $PATH` from the command line. To install for a single user, you can - for example - save the script under `~/.local/bin/` and make it executable by running `chmod +x ~/.local/bin/bw_add_sshkeys.py`.
## What does it do? ## What does it do?
Fetches SSH keys stored in Bitwarden vault and adds them to `ssh-agent`. Fetches SSH keys stored in Bitwarden vault and adds them to `ssh-agent`.
@ -20,7 +23,7 @@ Fetches SSH keys stored in Bitwarden vault and adds them to `ssh-agent`.
2. Add an new secure note to that folder. 2. Add an new secure note to that folder.
3. Upload the private key as an attachment. 3. Upload the private key as an attachment.
4. Add the custom field `private` (can be overridden on the command line), containing the file name of the private key attachment. 4. Add the custom field `private` (can be overridden on the command line), containing the file name of the private key attachment.
5. (optional) If your key is encrypted with passphrase and you want it to decrypt automatically, save passphrase into custom field `passphrase` (field name can be overriden on the command line) 5. (optional) If your key is encrypted with passphrase and you want it to decrypt automatically, save passphrase into custom field `passphrase` (field name can be overriden on the command line). You can create this field as `hidden` if you don't want the passphrase be displayed by default.
6. Repeat steps 2-5 for each subsequent key 6. Repeat steps 2-5 for each subsequent key
## Command line overrides ## Command line overrides
@ -29,3 +32,10 @@ Fetches SSH keys stored in Bitwarden vault and adds them to `ssh-agent`.
* `--customfield`/`-c` - Custom field name where private key filename is stored _(default: private)_ * `--customfield`/`-c` - Custom field name where private key filename is stored _(default: private)_
* `--passphrasefield`/`-p` - Custom field name where passphrase for the key is stored _(default: passphrase)_ * `--passphrasefield`/`-p` - Custom field name where passphrase for the key is stored _(default: passphrase)_
* `--session`/`-s` - session key of bitwarden * `--session`/`-s` - session key of bitwarden
## Setting up the Bitwarden CLI tool
Download the [Bitwarden CLI](https://bitwarden.com/help/cli/), extract the binary from the zip file, make it executable and add it to your path so that it can be found on the command line.
On linux you will likely want to move the executable to `~/.local/bin` and make it executable `chmod +x ~/.local/bin/bw`. `~/.local/bin` is likely already set as a path. You can confirm that by running `which bw`, which should return the path to the executable. You can use the same approach to turn `bw_add_sshkeys.py` into an executable.
If you want to build the Bitwarden CLI by yourself, see [these instructions on the bitwarden github page](https://contributing.bitwarden.com/getting-started/clients/cli).

View file

@ -39,7 +39,7 @@ def get_session(session: str) -> str:
return session return session
# Check if we're already logged in # Check if we're already logged in
proc_logged = subprocess.run(["bw", "login", "--check", "--quiet"], check=True) proc_logged = subprocess.run(["bw", "login", "--check", "--quiet"], check=False)
if proc_logged.returncode: if proc_logged.returncode:
logging.debug("Not logged into Bitwarden") logging.debug("Not logged into Bitwarden")