Postico 2.0 SSH Private Key Handling

[jakob]

In Postico 2.0, we've added a new feature where you can store the config directory in iCloud or Dropbox to sync server settings across Macs.

This feature is still incomplete, since we currently do not sync passwords or SSH private keys. I'm currently working on adding password syncing (encrypted with a master password). However, I'm not sure that we should also sync private keys.

Since I'm currently working on this feature, I'd like to get some user feedback. I see two possibilities:

1) When you add a SSH private key to a favorite, Postico should create an (encrypted) copy of the file and store it in the configuration folder, so that the private key syncs together with all other settings.

2) Move the private key setting somewhere else (eg. to preferences). Then you would need to configure SSH private keys on every device, and they would not be synced.

In my opinion, approach (1) would make it easier to use SSH keys when you have less tech savvy members on your team, while (2) is more useful if everyone already has their personal SSH keys, and you don't want people to share SSH keys.

Both approaches have their pros and cons, and I'm curious which approach would work better for you.

[tkrajacic]

I like both approaches, and for me both options would work well, as I am the only one with those keys.

Ideally I'd say though you should support both variants because as you said, it depends on the user's requirements, which approach is feasible, and many times if one approach is the correct one for them, the other one would be unusable.

I gotta say, Postico 2 is so amazingly great already. Just wow!

[CSNWEB]

I think beeing able to disable private key sync is a must from my perspective if you go with 1. How about only syncing path? If it supports relative paths this should work well as many keys will be in ~/.SSH anyway.

[jakob]

@CSNWEB Thanks for the feedback. Just syncing the path doesn't work since Postico is sandboxed (if we don't care about the Mac App Store we could do away with sandboxing, but we've not made a final decision on that yet)

[KurtPattyn]

Why not use Keychain Access for this? All the syncing is foreseen in a secure way. Just copying around secrets is not a very good idea in my opinion.

[jakob]

We have been working on this feature!

Postico 2 added password syncing in build 7213, and I'm currently working on adding support for syncing private keys as well.

I haven't merged private key sync yet, but you can download a build with private key sync here: postico-7273.dmg

Private Key syncing was merged into Postico 2 in build 7288

Here's how you can try it:

1. Download new Postico build from link above
2. Go to Postico preferences and create a new "library" (=config directory) that uses a master password to encrypt credentials. Put the library on a network drive or in iCloud.
3. Create a favorite with a private key or a TLS client key
4. Now, on a second computer, add the library that you created in step 2
5. You'll see that the private key file was synced
6. When you click connect, Postico will ask you for the master password of the library to decrypt the key file

If you are curious about the internals, you can have a look at the JSON files to see how Postico encrypted the key files. Postico uses libsodium "Sealed Boxes" to encrypt key files.

This makes it very easy to securely sync passwords and private keys, you can use whatever syncing solution you are already using.

I know that some of you preferred not to sync private keys. For that use case, I plan to add a preference pane that allows configuring per-machine private keys that are not synced. Then you could do it however you prefer.