SSH password manager

SSH password manager

I have recently started using a distro called BunsenLabs which is a Debian/Openbox flavor. I run Linux inside VirtualBox and so far I really like this distro.  I have previously written about using Linux SSH connection managers like PAC(Perl Auto Connect), GCM, Remmina etc.  I have mostly settled on PAC for most Linux installations but it has a couple irritations and seem to be getting pretty old.  My goals is mostly to keep track of sometimes hundreds of machine names/usernames/passwords.  Couple options I have played with is putty from the command line and sshpass.

For putty something like this could probably be built on:

$ putty -load host01 -l root -pw mypass

With sshpass something like this works. Assuming you have sshpass to install on your distro.

$ sshpass -p 'mypass' ssh -o StrictHostKeyChecking=no root@host01
Last login: Sun Feb 19 11:11:45 2017 from 10.140.6.123
[root@HOST01 ~]# 

Since I am using OpenBox here I added a custom OpenBox pipemenu by changing the existing SSH pipemenu a little bit. This works for me but I will probably change it a little bit in future to use a better config file with XML and/or encrypting the details.

Create a config folder and file to save the host details. For now config file is in SSH config format so the existing paramiko.config class can still read it. WARNING nothing about saving passwords like this is secure. You were warned!

$ cat .sshpassdb/config 
Host host01
  HostName host01.localdomain
  User root:mypass

# Test complete command line that we will try in Openbox menus
$ x-terminal-emulator -e sshpass -p 'mypass' ssh -o StrictHostKeyChecking=no root@host01

Now lets add an Openbox pipemenu.

Right click desktop -> Preferences -> Openbox -> GUI Menu Editor
Expand Openbox 3 and add a pipemenu. I called is SSH (sshpass) and pointed it to /home/myuser/scripts/bl-sshpass-pipemenu
I copied cp /usr/bin/bl-sshconfig-pipemenu /home/myuser/scripts/bl-sshpass-pipemenu
Edit new this custom python file now to populate the Openbox custom menu when opened

$ cat scripts/bl-sshpass-pipemenu

#!/usr/bin/env python
#    bl-sshpass-pipemenu - an Openbox pipemenu for Graphics applications
import os
import warnings
with warnings.catch_warnings():
    warnings.simplefilter("ignore")
    from paramiko.config import SSHConfig
import argparse
import sys

ap = argparse.ArgumentParser(description="""Openbox pipemenu to handle secure shell installation and configuration.
The install menu item is only shown when '/usr/sbin/sshd' is not executable. """)
opts = ap.parse_args(sys.argv[1:])

cfgdir = os.getenv("HOME")+"/.sshpassdb"
cfgfile = cfgdir+"/config"

try:
    config_file = file(cfgfile)
except IOError:
    if not os.path.exists(cfgdir):
        os.makedirs(cfgdir, 0700)
    f = open(cfgfile, 'w')
    o = '# SSH config file, \'man ssh_config\' for more details.\n\n'
    o += '#Host example\n'
    o += '#    hostname example.com\n'
    o += '#    user joebloggs\n'
    f.write(o)
    f.close()
    os.chmod(cfgfile, 0600)
    config_file = file(cfgfile)
    config = SSHConfig()
    config.parse(config_file)
    hosts = config._config
else:
    config = SSHConfig()
    config.parse(config_file)
    hosts = config._config

print '<openbox_pipe_menu>\n'

need_separator = False

if len(hosts) >= 2:
    for h in hosts[1:]:
        if 'host' in h and 'hostname' in h['config']:
            conf = h['config']
            user = ''
            if 'user' in conf:
                user = conf['user'].split(':')[0]
                passw = ' -p ' + conf['user'].split(':')[1] + ' '
            port = ['', '']
            if 'port' in conf:
                port[0] = '-p ' + conf['port'] + ' '
                port[1] = ':' + conf['port']
            if need_separator:
                print '<separator/>\n'
                need_separator = False
            print '<menu id="ssh-'+h['host'][0]+'" label="'+h['host'][0]+'">'
            print '    <item label="Start terminal session">'
            print '        <action name="Execute">'
            print '            <command>'
            print '                x-terminal-emulator -e sshpass ' + passw + 'ssh -o StrictHostKeyChecking=no ' + user + '@' + conf['hostname']
            print '            </command>'
            print '        </action>'
            print '    </item>\n'
            print '</menu>\n'
    print '<separator/>\n'

if need_separator:
    print '<separator/>\n'
    need_separator = False

print '</openbox_pipe_menu>'

Test with Right Click on desktop -> Network -> SSH (sshpass) and select a host -> Start terminal session.
Add hosts to config file.

Leave a Reply

Your email address will not be published. Required fields are marked *