Initial commit
This commit is contained in:
commit
632716f908
31
README.md
Normal file
31
README.md
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# Bitwarden SSH Agent
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
* You need to have the bitwarden cli `bw` installed
|
||||||
|
* ssh-agent must be running in the current session
|
||||||
|
|
||||||
|
## What it does?
|
||||||
|
|
||||||
|
* connects to bitwarden using the bitwarden cli
|
||||||
|
* looks for a folder called `ssh-agent`
|
||||||
|
* loads the ssh key for each item in that folder
|
||||||
|
|
||||||
|
## How to use it
|
||||||
|
|
||||||
|
`$ ./start.sh`
|
||||||
|
|
||||||
|
Fill in you login information
|
||||||
|
|
||||||
|
|
||||||
|
## Storing the keys in BitWarden
|
||||||
|
|
||||||
|
1. Create a folder called 'ssh-agent'
|
||||||
|
2. Add an new secure note to that folder
|
||||||
|
3. Upload the private_key as an attachment
|
||||||
|
4. add the custom field `private`, containing the private key filename
|
||||||
|
|
||||||
|
|
||||||
|
## Improvements to be made
|
||||||
|
|
||||||
|
* Find a way to extract the attachment from bitwarden in memory, instead of creating a file for it
|
64
ssh.py
Executable file
64
ssh.py
Executable file
|
@ -0,0 +1,64 @@
|
||||||
|
import subprocess
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import json
|
||||||
|
from urllib.parse import urlparse, urlencode
|
||||||
|
from urllib.request import urlopen, Request
|
||||||
|
from urllib.error import HTTPError
|
||||||
|
|
||||||
|
try:
|
||||||
|
subprocess.check_output(['bw', 'logout'])
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
|
try:
|
||||||
|
session = subprocess.check_output(['bw', '--raw', 'login'])
|
||||||
|
session = ['--session', session]
|
||||||
|
except:
|
||||||
|
print('Couldnt login!')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
try:
|
||||||
|
folders = subprocess.check_output(['bw','list', 'folders', '--search', 'ssh-agent'] + session)
|
||||||
|
folders = json.loads(folders)
|
||||||
|
if not folders:
|
||||||
|
raise AttributeError
|
||||||
|
if len(folders) != 1:
|
||||||
|
raise ValueError
|
||||||
|
except AttributeError:
|
||||||
|
print('Couldnt find ssh-agent folder!')
|
||||||
|
sys.exit(1)
|
||||||
|
except ValueError:
|
||||||
|
print('More than one ssh-agent folder found!')
|
||||||
|
sys.exit(1)
|
||||||
|
except:
|
||||||
|
print('Error retrieving folders.')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
folder = folders[0]['id']
|
||||||
|
|
||||||
|
try:
|
||||||
|
items = subprocess.check_output(['bw', 'list', 'items', '--folderid', folder, 'ssh-agent'] + session)
|
||||||
|
items = json.loads(items)
|
||||||
|
except Exception as e:
|
||||||
|
print('Cant fint items.')
|
||||||
|
print(e)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
keys = []
|
||||||
|
try:
|
||||||
|
for item in items:
|
||||||
|
private_key_file = [k['value'] for k in item['fields'] if k['name'] == 'private' and k['type'] == 0][0]
|
||||||
|
|
||||||
|
private_key_id = [k['id'] for k in item['attachments'] if k['fileName'] == private_key_file][0]
|
||||||
|
|
||||||
|
# would be nice if there was an option to retrieve the attachment file directly to the stdout
|
||||||
|
subprocess.check_output(['bw', 'get', 'attachment', private_key_id, '--itemid', item['id'], '--output', './private_key'] + session)
|
||||||
|
private_key = open('private_key', 'r').read()
|
||||||
|
os.remove('./private_key')
|
||||||
|
keys.append({'private_key': private_key})
|
||||||
|
except:
|
||||||
|
print('Something happened.')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
print(';'.join([k['private_key'] for k in keys]))
|
Loading…
Reference in a new issue