I want to ask the developers to implement multiline passwords.
I tried to save my private ssh key securely, since sometimes it is not that easy to apply a new public key for every device.
I can imagine other cases, where a multiline “secret” shall be stored.
Of course one can easily store a secrete as note, but I think classifing it as password/secrete has a value on its own.
I think private ssh keys are not multiline passwords. The “passwords” are only very long. Perhaps you can post an example. Remember to create an extra private key for posting or to modify an existing key accordingly. Do not post an existing key/password you want to store.
Hi @devnull!
At least my 4096 bits rsa keys are multiline (as generated by ssh-keygen).
Here comes an example.
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAgEAwXvJu7rxvX0puYSBtV/mDOQFFwHDdSMwCGwVlhDmM7emVAG3N5Cu
mbQ5k1TmIPcDUehX/bFHRUpNPakkGdJJZF40mga6GF4ITeVY8aAxKj30nqIH7mGAe+YO0G
3p0ynFOIaM0efAuMQOrjfDnaOtgCu3KpfwzIEKsihKwjZRgm6yNyF/SEsIvXiu0KQ0xgy3
2xfksj8f7N3hDChxc06UrsAcqk/lrL0v/kMnxFfhl8e+DDGykdw/7jVfuqESvDqWkqA+a8
ZM44lQ8fDzSMJQA29JqKZho1MPYMwm5bMM0HfTqEjLWfasFRIcYSmGvb0l/ObDCgnPLoH7
Bvz/I+MsuklbrBg4+7urAWv4Dl8sE5bTvJmeG0WBaKwgx7Zw2PrNqadewhXT4CRfG5VnbU
WYyuNpbioUKrp6aLBKNyWl8J1VEZ8dqV7nVdEOYGNC44QHKTGByWHwS9WXrFQaHE7JDfHy
gDDxbfNJRFVdqKR7Vky2AI7maFRKn5bnA4Tb7+sHSMsF2JdIKp/lQXIXVny5EoMZqMIi1T
hUZB//uXcIAn1i850aoW2xSIlLsKoKHbexkQ02jrkZO5ysPevPJTLzO+kufZlP3FFikiAx
cQVJQeSKtUqeziWUCgGVnNrgjKpvGSBuKPMYTWM2AOoADI4dvCQR8Jf1jH6LQ0iaZxybnk
kAAAdQ615a5OteWuQAAAAHc3NoLXJzYQAAAgEAwXvJu7rxvX0puYSBtV/mDOQFFwHDdSMw
CGwVlhDmM7emVAG3N5CumbQ5k1TmIPcDUehX/bFHRUpNPakkGdJJZF40mga6GF4ITeVY8a
AxKj30nqIH7mGAe+YO0G3p0ynFOIaM0efAuMQOrjfDnaOtgCu3KpfwzIEKsihKwjZRgm6y
NyF/SEsIvXiu0KQ0xgy32xfksj8f7N3hDChxc06UrsAcqk/lrL0v/kMnxFfhl8e+DDGykd
w/7jVfuqESvDqWkqA+a8ZM44lQ8fDzSMJQA29JqKZho1MPYMwm5bMM0HfTqEjLWfasFRIc
YSmGvb0l/ObDCgnPLoH7Bvz/I+MsuklbrBg4+7urAWv4Dl8sE5bTvJmeG0WBaKwgx7Zw2P
rNqadewhXT4CRfG5VnbUWYyuNpbioUKrp6aLBKNyWl8J1VEZ8dqV7nVdEOYGNC44QHKTGB
yWHwS9WXrFQaHE7JDfHygDDxbfNJRFVdqKR7Vky2AI7maFRKn5bnA4Tb7+sHSMsF2JdIKp
/lQXIXVny5EoMZqMIi1ThUZB//uXcIAn1i850aoW2xSIlLsKoKHbexkQ02jrkZO5ysPevP
JTLzO+kufZlP3FFikiAxcQVJQeSKtUqeziWUCgGVnNrgjKpvGSBuKPMYTWM2AOoADI4dvC
QR8Jf1jH6LQ0iaZxybnkkAAAADAQABAAACAA8i5wJHurevPf9kbV1KFk413GwTWD4mtZBD
HGE0Cz5KhLmXtMSlDfO6VLLA9ovnpxvWSGPxZXj3OhmzzL40ZEd00zqlghN777xgT9f/Rz
ldxXBPjr1IZWvL8Ka/ooZBg0tLw2J8deg+dkOM20HO1zjqspajclQdWD/dxRNyemfwzwJf
HX0DWbiw40QxRGul/RAny11icNXv+bYgx9dUc29EWjm8rGQaHNIQYOEMWvqrxqNfk++zQl
EZXdbU2Qler/7iiF+YENXQHUQALJgpk2bhYurNsV+8lLxm3DgmDL+WUDmfEEGGeangU9YK
EJ9xV7J0Pxfe8pVZ19CRJEijchEx4dLcMqw/t+XvoBolMS7y/s1RLrBIFSN3sjbbXUzJup
YjZUQbVkeCMpzNonWGKStZhsGzGoFgmkIAQ6UCQxpUwR+txTPQOPFOvKPRfRycLHb1DgDN
gf50WL14fI2B2XMUfwxPvERZC5FhC+jiemXQw+dMrluAejIZkHygRJ+lfOK/xl3nUXwiIu
JMWi2vOKsgFgDWAoiJATLySiFqPrx6bvBgICRJo/sFpNkFRO4z1zrDzrp0/F+6QWLDZBSG
B9ViW0HqRAkbWLG1JJ5n9Uvv+Ii3G6pffQ6L2JnV4YgbPe+W8iuOCqBkSncLXMpch4OpRW
dbK/vpyMkw4upfQVMNAAABAQDPvQ4PjilWaH604ZkJxJdV5ff5j718XG21vVRVfdQ6rDGR
/axpxlR+4ij68BJdQVUfAAOmy+scfDn9c0TGghSBEzWBu+N1UfaKTgBCj1zael9Ani0cTH
8XgJlHfmlrB2F6g38h3F+I6iWXynycq0dLj4HfGlWDsxf0rpza0/KDvj9Ym1he38dBzsXE
ZsCnmvanbIwgvMBxoQbOaPN1XzrplcJgr7ci1ENMbM6vTUNQXzkNm1A9cgeLFL+pRxjlwE
hf7MKNrHG0/ZDtogMP1pCwa5cAB1OO453T2qmJIC799V3t787vxAymj9//96u0VxiSLezC
+rB/xPfN4Lau03LiAAABAQDrPBZlaERTlPx2ANdzkiDV0mMTFXqE1H96z4MpIgKOiMEFOH
Gv7yRjqfiSd99uS1/3C1DlcXowzayrULFQaVf/W61T3r+J7MSRo2ektNiq3fuY8MtqYlyi
yEgNcg32PtWtAGhjuq2WWHLRay8xhJZn98vaPKAU/G86TWZ/h8isjuWZLVFsR2aLq8oCfs
sNA9nkhu2GacH7/xwYOO+nQNCWPRBUG/616zg9vLp5O84U3tObp1BDv8hJX+gOQGBMXSeu
G7srFg9jcOHNReQSRycKIEHjcY1O8/p7gG4iJ5cYy+reIdSdVeeAa4CsadwJDWS4BGArpG
Hv4hbnjy2FDziXAAABAQDSkDGVlCB+TFzDu4Hz+TYAx9AQceLGGNX6KKVKcQiAxb0+XanL
r101Ssg5JgWL3vF0YFmXtjBbjliHg5IFXYWAF6D3XcrA0YwFWZFUTbmx6Si6Bcocw4NUNG
moRZdJ3LXmd+tsUULRr2/EsbdlHmF26D7DQqn/NUtJcmhOHeG7xbhLmtQUHWd5fDQdu+T+
cfIgyejrkGdLOd8Mqn3linEbp8USvjP66yE9ok1Q0IjRvMosoQ5wNwMMI8o3sTnvaAVxBH
coRh1zRZJF6+wwsFJp8i5QvQhbnzXGvKtghlRAMlfobttwkEt55D+8xWOItw3VWxOqNyXG
f+GMOr9ALtwfAAAAFmphc29uQG1hcngtWFBTLTEzLTkzODABAgME
-----END OPENSSH PRIVATE KEY-----
But as you mentioned it, the length of the password is also to short for the key. The line breaks are transformed to spaces (by my browser or passwords).
I don’t know if it makes sense to store a private ssh key in a password vault. The functions cannot be used anyway. The SSH key would have to be copied back to a system in a file anyway. So it is more like a backup copy of a file. It might make sense to save an associated passphrase there. To protect yourself from theft of the private key, you should also think about a passphrase.
Yes i agree. I think this is possible but not nice.
ssh-copy-id is probably the easiest way, if you are using openSSH on both machines.
Since Public keys as the name suggests, are public, it shouldn’t be an issue storing them as plain text in a notes filed. In theory you can store them anywhere you want, even on a publicly accessible wiki page or GitHub if you want. The private keys are the ones you have to keep safe.
cat ~/.ssh/id_rsa | tr -d '\n' prints the key as one line without spaces…
Of course you would then have to convert it back to the PKCS#1 private key format, in order to use it with OpenSSH. So this is not really a practical solution and it would most likely be too long for the password field in Passwords anyways… 
…but you could use ed25519 keys instead of RSA keys. They are more secure, shorter and most important on one line by default
As an example: The firewall of the local network is done by service provider, so that public keys have not only to be applied on the local workstation but also give to the service provider, which will apply it manually.
True. But you got me wronge. I meant to store the private key (since the public key can not be easily applied, I have to use the private key on several devices). Storing it in the Cloud gives me access to it independently of other devices on which I already store/use it.
Thank you for that hint. That might be a work around at least for my problem. Nevertheless I think multiline secretes are no magic and have several applications.
Yep. It would certainly be a nice feature.
I think it has some recents to call it a private key. Of course I could save the file just in the cloud and only the passphrase in the passwords app. But since the private key is sensitive data, it should get the extra layer of security passwords app is granting.
Yep I agree. But I also would argue that it would probably be more secure if you don’t re-use the same keys on multiple devices, especially if you have to grant access to third parties. This also has the advantage, that if one device gets compromised you don’t have to change the keys on every other device.
This is more about to discuss whether my usecase is resonable then the feature itself.
As I stated before: Sometimes it is not easily possible to place multiple public keys. Also if one does not manage the public keys on ones own, it be more secure to have just one key pair and be sure that it the public key gets revoced when your private key might be compromised.
Yeah sure. I just think that’s probably one of the reasons why SSH key management is not a feature in most password managers. And to be fair… How often do you have to transfer your private key to a new device? Does it really have to be always available in a password manager?
Anyways… I don’t know how often the devs visit this forum. If you want them to be aware of your feature request, it’s maybe better to open an issue here: Issues · marius-wieschollek/passwords · GitHub
If you want ssh support now you can switch over to keepass.
Or, just use keepass ssh-agent for your SSH keys. And everything else as you have it. Sync with nextcloud and problem solved.