encrypt/decrypt using ssh keys
The legacy SSH RSA keys with header
-----BEGIN RSA PRIVATE KEY-----are not any more supported, convert your key to new format with:
ssh-keygen -p -f <path/to/your/private.key>
$ ssh-vault -h
encrypt/decrypt using ssh keys
Usage: ssh-vault [COMMAND]
Commands:
create Create a new vault [aliases: c]
edit Edit an existing vault [aliases: e]
fingerprint Print the fingerprint of a public ssh key [aliases: f]
view View an existing vault [aliases: v]
help Print this message or the help of the given subcommand(s)
Options:
-h, --help Print help
-V, --version Print version
Examples:
Create a vault:
$ echo "secret" | ssh-vault create -u <github.com/user>View a vault:
echo "SSH-VAULT..."| ssh-vault viewShare a secret:
$ echo "secret" | ssh-vault create -u newbrew install ssh-vault
$ cargo install ssh-vault
ssh-vault uses rand 0.10 for application-owned randomness.
The remaining older rand in the dependency graph is currently transitive via
the released rsa / ssh-key stack. Keep new application code on rand 0.10
APIs and only use the RSA-local compatibility path where rsa requires its own
rand_core types. Revisit this when upstream releases remove that constraint.
Please feel free to raise any issue, feature requirement or a simple comment here.