Initial commit
This commit is contained in:
commit
632716f908
31
README.md
Normal file
31
README.md
Normal file
|
@ -0,0 +1,31 @@
|
|||
# Bitwarden SSH Agent
|
||||
|
||||
## Requirements
|
||||
|
||||
* You need to have the bitwarden cli `bw` installed
|
||||
* ssh-agent must be running in the current session
|
||||
|
||||
## What it does?
|
||||
|
||||
* connects to bitwarden using the bitwarden cli
|
||||
* looks for a folder called `ssh-agent`
|
||||
* loads the ssh key for each item in that folder
|
||||
|
||||
## How to use it
|
||||
|
||||
`$ ./start.sh`
|
||||
|
||||
Fill in you login information
|
||||
|
||||
|
||||
## Storing the keys in BitWarden
|
||||
|
||||
1. Create a folder called 'ssh-agent'
|
||||
2. Add an new secure note to that folder
|
||||
3. Upload the private_key as an attachment
|
||||
4. add the custom field `private`, containing the private key filename
|
||||
|
||||
|
||||
## Improvements to be made
|
||||
|
||||
* Find a way to extract the attachment from bitwarden in memory, instead of creating a file for it
|
64
ssh.py
Executable file
64
ssh.py
Executable file
|
@ -0,0 +1,64 @@
|
|||
import subprocess
|
||||
import os
|
||||
import sys
|
||||
import json
|
||||
from urllib.parse import urlparse, urlencode
|
||||
from urllib.request import urlopen, Request
|
||||
from urllib.error import HTTPError
|
||||
|
||||
try:
|
||||
subprocess.check_output(['bw', 'logout'])
|
||||
except:
|
||||
pass
|
||||
|
||||
try:
|
||||
session = subprocess.check_output(['bw', '--raw', 'login'])
|
||||
session = ['--session', session]
|
||||
except:
|
||||
print('Couldnt login!')
|
||||
sys.exit(1)
|
||||
|
||||
try:
|
||||
folders = subprocess.check_output(['bw','list', 'folders', '--search', 'ssh-agent'] + session)
|
||||
folders = json.loads(folders)
|
||||
if not folders:
|
||||
raise AttributeError
|
||||
if len(folders) != 1:
|
||||
raise ValueError
|
||||
except AttributeError:
|
||||
print('Couldnt find ssh-agent folder!')
|
||||
sys.exit(1)
|
||||
except ValueError:
|
||||
print('More than one ssh-agent folder found!')
|
||||
sys.exit(1)
|
||||
except:
|
||||
print('Error retrieving folders.')
|
||||
sys.exit(1)
|
||||
|
||||
folder = folders[0]['id']
|
||||
|
||||
try:
|
||||
items = subprocess.check_output(['bw', 'list', 'items', '--folderid', folder, 'ssh-agent'] + session)
|
||||
items = json.loads(items)
|
||||
except Exception as e:
|
||||
print('Cant fint items.')
|
||||
print(e)
|
||||
sys.exit(1)
|
||||
|
||||
keys = []
|
||||
try:
|
||||
for item in items:
|
||||
private_key_file = [k['value'] for k in item['fields'] if k['name'] == 'private' and k['type'] == 0][0]
|
||||
|
||||
private_key_id = [k['id'] for k in item['attachments'] if k['fileName'] == private_key_file][0]
|
||||
|
||||
# would be nice if there was an option to retrieve the attachment file directly to the stdout
|
||||
subprocess.check_output(['bw', 'get', 'attachment', private_key_id, '--itemid', item['id'], '--output', './private_key'] + session)
|
||||
private_key = open('private_key', 'r').read()
|
||||
os.remove('./private_key')
|
||||
keys.append({'private_key': private_key})
|
||||
except:
|
||||
print('Something happened.')
|
||||
sys.exit(1)
|
||||
|
||||
print(';'.join([k['private_key'] for k in keys]))
|
Loading…
Reference in a new issue