- You need to have the Bitwarden CLI tool installed and available in the
$PATH
asbw
. See below for detailed instructions. ssh-agent
must be running in the current session.
Just save the file bw_add_sshkeys.py
in a folder where it can by found when calling it from the command line. On linux you can see these folders by running echo $PATH
from the command line. To install for a single user, you can - for example - save the script under ~/.local/bin/
and make it executable by running chmod +x ~/.local/bin/bw_add_sshkeys.py
.
Fetches SSH keys stored in Bitwarden vault and adds them to ssh-agent
.
- Run,
./bw_add_sshkeys.py
- Enter your Bitwarden credentials, if a Bitwarden vault session is not already set.
- (optional) Enter your SSH keys' passphrases if they're not stored in your Bitwarden.
- Create a folder called
ssh-agent
(can be overridden on the command line). - Add an new secure note to that folder.
- Add the private key to the secure note:
-
Add the private key directly on the
notes
fieldOR
-
Upload the private key as an attachment (requires Bitwarden Premium)
- You'll need to add a custom field
private
containing the file name of the private key attachment. - The field name can be overridden on the command line
- You'll need to add a custom field
-
- (optional) If your key is encrypted with passphrase and you want it to decrypt automatically, save passphrase into custom field
passphrase
(field name can be overriden on the command line). You can create this field ashidden
if you don't want the passphrase be displayed by default. - Repeat steps 2-4 for each subsequent key
--debug
/-d
- Show debug output--foldername
/-f
- Folder name to use to search for SSH keys (default: ssh-agent)--customfield
/-c
- Custom field name where private key filename is stored (default: private)--passphrasefield
/-p
- Custom field name where passphrase for the key is stored (default: passphrase)--session
/-s
- session key of bitwarden
Download the Bitwarden CLI, extract the binary from the zip file, make it executable and add it to your path so that it can be found on the command line.
On linux you will likely want to move the executable to ~/.local/bin
and make it executable chmod +x ~/.local/bin/bw
. ~/.local/bin
is likely already set as a path. You can confirm that by running which bw
, which should return the path to the executable. You can use the same approach to turn bw_add_sshkeys.py
into an executable.
If you want to build the Bitwarden CLI by yourself, see these instructions on the bitwarden github page.