search

maxgoedjen / secretive

Store SSH keys in the Secure Enclave
MIT License
7.26k stars 159 forks source link

Command-line interface #328

Open francoisdtm opened 2 years ago

francoisdtm commented 2 years ago

It would be nice to add a simple CLI so that we can add keys from bash scripts and Ansible playbooks.

sandstrom commented 1 year ago

Although a CLI is some extra work, there are a lot of advanced feature requests among the issues.

Some of those features would be easier to maintain as advanced features (extra CLI flags) in a CLI tool -- for example requiring biometric auth. That way, no custom UI needs to be built for them.

That would be one benefit with a CLI tool.

maxgoedjen commented 1 year ago

@francoisdtm coming back to this one – can you describe what kind of thing you'd be interested in? Most of the relevant functionality is already exposed via the ssh-agent interface. You could plausibly expose API to create new keys, but depending on what you mean from "add keys from," that may not be possible with or without a CLI, since it's not possible to import keys.

MariusVolkhart commented 8 months ago

An API to create a new key is exactly what I'm looking for. My use case is automating the provisioning of a new machine. I'd like to generate a new key in Secretive, then upload the public key to the git server (Bitbucket in my case). So I want an API that can generate the key and give me back info about the public key (file path, the key content, etc).

0xmachos commented 7 months ago

A use case I've just come across is programatically getting the file path of the generated Public Key files.

I'd like to be able to get a list of active keys from Secretive (name, fingerprint, public key, public key file path) so that I can add the public key file path to my SSH config or symlink to the public key file path from $HOME/.ssh/.

See https://github.com/0xmachos/dotfiles/commit/18f484151c29594ecba7e1d0ef7dff6ae06efdd0 for a little bit more detail.

martinpaljak commented 3 months ago

A command line interface would benefit #565 for integration purposes and also automation (if the key does not require authorization)

0xRake commented 3 months ago

@francoisdtm coming back to this one – can you describe what kind of thing you'd be interested in? Most of the relevant functionality is already exposed via the ssh-agent interface. You could plausibly expose API to create new keys, but depending on what you mean from "add keys from," that may not be possible with or without a CLI, since it's not possible to import keys.

issue 565 seems relevant