add bitwarden ssh scripts

2019-09-03 14:50:15 +02:00 · 2019-09-03 14:50:15 +02:00 · 413bbdb7f7
commit 413bbdb7f7
parent f879626638
2 changed files with 58 additions and 0 deletions
--- a/bin/bw-login
+++ b/bin/bw-login
@ -0,0 +1,3 @@
+#!/bin/bash
+bw-ssh-add id_rsa id_rsa_embark
+
--- a/bin/bw-ssh-add
+++ b/bin/bw-ssh-add
@ -0,0 +1,55 @@
+#!/bin/bash
+set -eu
+
+AUTO_LOCK=900
+BW_SESSION=
+
+exit_error() {
+  echo "$2"
+  exit "$1"
+}
+
+ask_password() {
+  systemd-ask-password --keyname=bw_master --accept-cached --timeout=10 "Master Password: " \
+    | bw unlock --raw 2>/dev/null || exit_error $? "Could not unlock vault"
+}
+
+get_session_key() {
+  if [ $AUTO_LOCK -eq 0 ]; then
+    keyctl purge user bw_session &>/dev/null
+    BW_SESSION=$(ask_password)
+  else
+    if ! key_id=$(keyctl request user bw_session 2>/dev/null); then
+      session=$(ask_password)
+      [[ -z "$session" ]] && exit_error 1 "Could not unlock vault"
+      key_id=$(echo "$session" | keyctl padd user bw_session @u)
+    fi
+
+    keyctl timeout "$key_id" $AUTO_LOCK
+    BW_SESSION=$(keyctl pipe "$key_id")
+  fi
+}
+
+get_session_key
+
+folder=$(bw list folders --session ${BW_SESSION} --search ssh | jq -r '.[].id')
+items=$(bw list items --session ${BW_SESSION} --folderid ${folder})
+
+keys="$@"
+if [[ -z "$keys" ]]; then
+  keys=$(jq -r '.[].name' <<< $items | fzf -1 -0)
+fi
+
+for key in $keys; do
+  _tmp=$(mktemp -d)
+  cd $_tmp
+  mkdir -p $(dirname $key)
+  ln -s /dev/stdin $key
+
+  function cleanup {
+    rm -rf $_tmp
+  }
+  trap cleanup EXIT
+
+  jq -r ".[] | select(.name == \"${key}\") | .notes" <<< $items | ssh-add $key
+done