I want to ask the developers to implement multiline passwords.
I tried to save my private ssh key securely, since sometimes it is not that easy to apply a new public key for every device.
I can imagine other cases, where a multiline “secret” shall be stored.
Of course one can easily store a secrete as note, but I think classifing it as password/secrete has a value on its own.
I think private ssh keys are not multiline passwords. The “passwords” are only very long. Perhaps you can post an example. Remember to create an extra private key for posting or to modify an existing key accordingly. Do not post an existing key/password you want to store.
But as you mentioned it, the length of the password is also to short for the key. The line breaks are transformed to spaces (by my browser or passwords).
I don’t know if it makes sense to store a private ssh key in a password vault. The functions cannot be used anyway. The SSH key would have to be copied back to a system in a file anyway. So it is more like a backup copy of a file. It might make sense to save an associated passphrase there. To protect yourself from theft of the private key, you should also think about a passphrase.
Yes i agree. I think this is possible but not nice.
ssh-copy-id is probably the easiest way, if you are using openSSH on both machines.
Since Public keys as the name suggests, are public, it shouldn’t be an issue storing them as plain text in a notes filed. In theory you can store them anywhere you want, even on a publicly accessible wiki page or GitHub if you want. The private keys are the ones you have to keep safe.
cat ~/.ssh/id_rsa | tr -d '\n' prints the key as one line without spaces…
Of course you would then have to convert it back to the PKCS#1 private key format, in order to use it with OpenSSH. So this is not really a practical solution and it would most likely be too long for the password field in Passwords anyways…
…but you could use ed25519 keys instead of RSA keys. They are more secure, shorter and most important on one line by default
As an example: The firewall of the local network is done by service provider, so that public keys have not only to be applied on the local workstation but also give to the service provider, which will apply it manually.
True. But you got me wronge. I meant to store the private key (since the public key can not be easily applied, I have to use the private key on several devices). Storing it in the Cloud gives me access to it independently of other devices on which I already store/use it.
Thank you for that hint. That might be a work around at least for my problem. Nevertheless I think multiline secretes are no magic and have several applications.
I think it has some recents to call it a private key. Of course I could save the file just in the cloud and only the passphrase in the passwords app. But since the private key is sensitive data, it should get the extra layer of security passwords app is granting.
Yep I agree. But I also would argue that it would probably be more secure if you don’t re-use the same keys on multiple devices, especially if you have to grant access to third parties. This also has the advantage, that if one device gets compromised you don’t have to change the keys on every other device.
This is more about to discuss whether my usecase is resonable then the feature itself.
As I stated before: Sometimes it is not easily possible to place multiple public keys. Also if one does not manage the public keys on ones own, it be more secure to have just one key pair and be sure that it the public key gets revoced when your private key might be compromised.
Yeah sure. I just think that’s probably one of the reasons why SSH key management is not a feature in most password managers. And to be fair… How often do you have to transfer your private key to a new device? Does it really have to be always available in a password manager?
Anyways… I don’t know how often the devs visit this forum. If you want them to be aware of your feature request, it’s maybe better to open an issue here: Issues · marius-wieschollek/passwords · GitHub