ccontavalli / ssh-ident

Different agents and different keys for different projects, with ssh.
Other
965 stars 71 forks source link

A command line interface for selecting identity and listing identities and keys. #22

Open mc0e opened 8 years ago

mc0e commented 8 years ago

This project is heading in a good direction, but I'm not entirely happy with the ways the identity is selected. I'd like to be able to issue a command to select which identity I want to use. I'd also like to be able to list identities, and the keys loaded in them. I'm imagining something like the following:

# switch to using the 'work' identity.  This probably needs a bash alias
ssh-ident work
# without the alias we'd need to source the output of a command (or set an environment var)
`ssh-ident work`

# interactive selection ?
ssh-ident -i

# with no arguments, list known identities
ssh-ident

# list the loaded keys of the current identity (presumably needs an aliased ssh-add command)
ssh-add -L

ssh-ident work would output shell commands, which in turn would set and export environment variables. There could be an environment variable naming the identity, caught later by ssh-ident, or environment variables for consumption by openssh could be set (e.g. SSH_AUTH_SOCK).

I've chosen to address ssh-ident directly by it's own name for setting the identity, which means putting the executable or a symlink with that name in the path. I figure ssh-ident could also get a couple of extra bits of functionality like listing the identities it knows about, whether they are running, and what keys are loaded.

s1kx commented 8 years ago

Agreed, currently the way that identitites are selected is fuzzy and prone to error. I think ssh-ident should be split into seperate scripts:

I believe that trying to squeeze more functionality into the ssh-ident script itself is going to make it even more monolithic than it already is, and reduce maintainability.

bendikro commented 7 years ago

@mc0e @s1kx I've implemented the basic idea in #37

maddes-b commented 3 years ago

Accessing the ssh-agent of an identity can be done by just sourcing the related environment file of the wanted identity. Same as using pure ssh-agent where you also have to make sure to have the correct environment variables set. I use a subshell to not polute my normal environment. ( . ~/.ssh/agents/agent-<identity>-${HOSTNAME} >/dev/null 2>/dev/null; /usr/bin/ssh-add -l; )

P.S.: I'm currently implementing an ssh-add wrapper functionality in my fork, which allows to use ssh-add -i <identity> ...

maddes-b commented 3 years ago

Have a look at my fork at https://github.com/ssh-ident/ssh-ident1 There I extended ssh-ident to recognize ssh-agent/ssh-add and add a virtual paramter -i <identity>

mc0e commented 3 years ago

@maddes-b said:

Have a look at my fork at https://github.com/maddes-b/ssh-ident There I extended ssh-ident to recognize ssh-agent/ssh-add and add a virtual paramter -i <identity>

Is that a work-in-progress fork, or are you taking your project in a separate direction?

I.e. Are those changes likely to be merged here?

mc0e commented 3 years ago

Accessing the ssh-agent of an identity can be done by just sourcing the related environment file of the wanted identity. Same as using pure ssh-agent where you also have to make sure to have the correct environment variables set. I use a subshell to not polute my normal environment. ( . ~/.ssh/agents/agent-<identity>-${HOSTNAME} >/dev/null 2>/dev/null; /usr/bin/ssh-add -l; )

P.S.: I'm currently implementing an ssh-add wrapper functionality in my fork, which allows to use ssh-add -i <identity> ...

This is really useful, as it gives me a way to use the desired agent that is more likely to work when using software that uses the ssh protocol via libraries rather than accessing the binary

maddes-b commented 3 years ago

Intention is to go for a ssh-ident3. Still have to settle the development structure. It will be developed under GitHub organization 'ssh-ident' to allow building a team.

maddes-b commented 2 years ago

Moved to https://github.com/ssh-ident/ssh-ident1

SSH_ADD_OPTIONS got a little bit more advanced.

maddes-b commented 2 years ago

Updated fork:

Add virtual parameter -I (uppercase) for ssh-agent and ssh-add to also load keys

* For ssh-add/ssh-agent add first virtual parameter -I (uppercase) which also loads keys
* Enhance README with new functionality and its usages
* Enhance README with troubleshooting section
maddes-b commented 2 years ago

Intention is to go for a ssh-ident2. Still have to settle the development structure. It will be developed under GitHub organization 'ssh-ident' to allow building a team.

There's a work-in-progress(!) where I implemented dumping the config. Listing identities will be next, before doing the ssh wrapper stuff. https://github.com/ssh-ident/ssh-ident3/tree/feature/build-code-basis