I’m regularly finding myself working towards minimalism, in particular, when it comes to tooling.It’s quite a common problem nowadays to have many hundreds of secrets to use and manage (cough, rotate, cough!) on a regular basis.Arguably, the best tools we have for the job right now are commonly referred to as “password managers” or “secret vaults”.There are lots of them out there: LastPass, 1Password, pass, and more.Right now, for better or worse, I happen use LastPass.
A password manager like LastPass helps you store all of your passwords in one secure place. Such as server credentials and SSH keys – called privileged accounts. Download this app from Microsoft Store for Windows 10. See screenshots, read the latest customer reviews, and compare ratings for LastPass for Microsoft Edge.
Should you find yourself in tech, you can probably triple the number of secrets you’ll need to regularly manage.And no, I’m not saying that a person should store their work secrets in their personal password manager – unless the secret in question is in fact personal, e.g., your work SSH key pair.An example of what not to store in your personal vault, as far as work is concerned, would be a shared
root password (those should only live in whatever vault your workplace provides).
Since I’m already using a password manager for secrets, it seems natural to store my SSH key pair there as well (back to that minimalism thing).This probably isn’t a new idea, but, I’ll show you how I happen to do it so that it’s a bit less cumbersome.As I’ve mentioned, I use LastPass.In particular, for this stuff, we’ll need the CLI version which you can find here (technically, I suppose you could do it with the GUI application if you wanted to).With Homebrew, it’s as easy as
brew install lastpass-cli.
For completeness, I’ll generate a new key pair, so we can do the whole process, end-to-end.Plus, this is a throwaway exercise.
Generate an SSH key pair (optional)
This gives us our new key pair:
Store the pieces
Retrieve the pieces
Ssh Keys Download
Lastpass Store Ssh Keys List
Note that in the interest of space, I’m abbreviating the output for the keys with pipes to
cut.In practice, we could now easily lay these down locally by piping to
tee ~/.ssh/demo.key or something along those lines.
Lastpass Store Ssh Keys
There are other fields in available, and I’ll leave this as an exercise for the reader to hack around with.Good luck, maybe this’ll help you have a few less SSH keys to manage, or, keep you from losing an important one!