From 74659e7548e631ba653bf7f080500b9287319edf Mon Sep 17 00:00:00 2001
From: Daniel Borchmann
Date: Tue, 27 Jun 2023 19:38:53 +0200
Subject: [PATCH] Add simple convenience function to add known SSH keys
This is supposed to avoid manually inserting passwords for SSH keys when they have expired from the local ssh-agent instance.
---
 site-lisp/db-utils.el | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
diff --git a/site-lisp/db-utils.el b/site-lisp/db-utils.el
index ffbdd50..6cb347b 100644
--- a/site-lisp/db-utils.el
+++ b/site-lisp/db-utils.el
@@ -824,6 +824,36 @@ This is `db-light' and `solarized-light'."
 (load-theme 'solarized-light)
 (load-theme 'db-light))
+
+;;; SSH-Key-Handling
+
+(defun db/add-ssh-key-with-password (key-file password)
+ "Add key in KEY-FILE with PASSWORD to currently running ssh-agent."
+ (with-environment-variables (("SSH_ASKPASS_REQUIRE" "never"))
+ (with-temp-buffer
+ (unless (zerop (call-process-region password nil
+ "ssh-add" ; XXX: generalize to also allow pageant?
+ nil t nil
+ (expand-file-name key-file)))
+ (error "Adding SSH key %s failed: %s" key-file (buffer-string))))))
+
+(defcustom db/known-ssh-keys nil
+ "A alist mapping SSH key-files to their password entries.
+This alist maps key-files (file-names) to pass password entries
+holding the password to unlock the key."
+ :group 'personal-settings
+ :type '(alist
+ :key-type (file :tag "SSH-Key")
+ :value-type (string :tag "Password Entry")))
+
+(defun db/load-known-ssh-keys ()
+ "Add all keys from `db/known-ssh-keys' to currently running ssh-agent."
+ ;; XXX: error handling
+ (interactive)
+ (pcase-dolist (`(,ssh-key . ,pass-entry) db/known-ssh-keys)
+ ;; XXX: generalize to other password sources
+ (db/add-ssh-key-with-password ssh-key (auth-source-pass-get 'secret pass-entry))))
+
 ;;; End
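Review bot: In `db/load-known-ssh-keys` the result of `auth-source-pass-get` goes straight into `db/add-ssh-key-with-password`, but that call returns nil when the pass entry is missing or holds no secret, and `call-process-region` treats a nil START as "send the current buffer", so ssh-add is fed the empty temp buffer and the only symptom is its own failure text. A guard such as `(or (auth-source-pass-get 'secret pass-entry) (user-error "No password found in pass entry %s" pass-entry))` would make that case explicit. Separately, the passphrase travels as an ordinary string argument, so with `debug-on-error` enabled the `error` raised inside `db/add-ssh-key-with-password` would likely place it in the *Backtrace* buffer as part of the call frame; accepting a function that returns the secret (the convention auth-source uses for `:secret`) and calling `clear-string` on the value once `call-process-region` returns would keep the plaintext out of backtraces and shorten its lifetime in memory. The docstring could also state that PASSWORD is sent to ssh-add on standard input and that SSH_ASKPASS_REQUIRE=never is set so that no askpass helper is spawned.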