Using account data with ssh

mtatmc

<div class="IPBDescription">How to use data in a server account to launch ssh</div>How do I actually use account data?



I have created a server account and populated the URL, Username, and Password fields. Now what? Can I do anything with it other than copy and paste? What I need it to do is allow me to select the server account (as one would with a login account) and have it launch the terminal ssh session to the server. It should effectively generate an ssh <username>@<hostname> command and then supply the <password> value. It appears to do nothing at this time



Oddly enough, if I put a server account in the login (web) section it almost works. If I specify ssh://<hostname> rather than http:// it will launch terminal but it will not supply either the username or the password.



Maybe (probably) I am missing something, but what do the Accounts do? Is there any important difference between them and just storing the info in the secure notes section?



For strictly home web-centric use 1Password seems to work well so far, but for anything else it is proving very frustrating or wholly inadequate.

[Deleted User]

[quote name='mtatmc' timestamp='1286463555' post='12823']

How do I actually use account data?



I have created a server account and populated the URL, Username, and Password fields. Now what? Can I do anything with it other than copy and paste? What I need it to do is allow me to select the server account (as one would with a login account) and have it launch the terminal ssh session to the server. It should effectively generate an ssh <username>@<hostname> command and then supply the <password> value. It appears to do nothing at this time



Oddly enough, if I put a server account in the login (web) section it almost works. If I specify ssh://<hostname> rather than http:// it will launch terminal but it will not supply either the username or the password.



Maybe (probably) I am missing something, but what do the Accounts do? Is there any important difference between them and just storing the info in the secure notes section?



For strictly home web-centric use 1Password seems to work well so far, but for anything else it is proving very frustrating or wholly inadequate.

[/quote]



Hi mtatmc,



I'm sorry to hear you're finding 1Password somewhat frustrating, you're correct that1Password currently only integrates with your web-browsers to fill logins, identity and credit card information online, so while you can store other account information there currently isn't any mechanism for integrating with other applications such as terminal.



This may be something we look into for the future, but for now 1Password's primary function is for handling web logins with the ability to store lots of other information. I'd recommend a great little free app called 'JellyfiSSH' which is effectively an SSH bookmark tool and lets you save your ssh details including credentials and then easily restore these to a terminal session.



Sorry I don't have a better answer for you right.

mtatmc

That is unfortunate, but I accept that I was asking 1Password to be more than it is. It seems to be on the cusp of broad utility but not quite there yet beyond its core web utility. I am still utterly confused as to what the point of the Accounts section is (if not to act as a tease for future enhancements) as opposed to the secure notes section. Is there ANYTHING you can do with the Accounts sections that you could not do with secure notes?



[quote name='stu' timestamp='1286466593' post='12826']

Hi mtatmc,



I'm sorry to hear you're finding 1Password somewhat frustrating, you're correct that1Password currently only integrates with your web-browsers to fill logins, identity and credit card information online, so while you can store other account information there currently isn't any mechanism for integrating with other applications such as terminal.



This may be something we look into for the future, but for now 1Password's primary function is for handling web logins with the ability to store lots of other information. I'd recommend a great little free app called 'JellyfiSSH' which is effectively an SSH bookmark tool and lets you save your ssh details including credentials and then easily restore these to a terminal session.



Sorry I don't have a better answer for you right.

[/quote]

[Deleted User]

[quote name='mtatmc' timestamp='1286467060' post='12827']

That is unfortunate, but I accept that I was asking 1Password to be more than it is. It seems to be on the cusp of broad utility but not quite there yet beyond its core web utility. I am still utterly confused as to what the point of the Accounts section is (if not to act as a tease for future enhancements) as opposed to the secure notes section. Is there ANYTHING you can do with the Accounts sections that you could not do with secure notes?

[/quote]



The 'Accounts' section of 1Password gives you templates for commonly used non-web logins, such as servers, iTunes, FTP, IM, e-mail etc. The advantage of using these templates over a 'Secure Note' is that each field can be copied individually with the click of a button when you hover over the field instead of having to select the text and then copy it from the note. Ideally, we'd love to be able to have 'Accounts' work the same way as 'Logins' do, but a lot of this would require support from Apple and other 3rd parties, and in all honesty I just don't see that coming.



In the future we're looking to make it possible to customise these templates as well as allowing you to create new ones, the idea being to allow users to store as much information as they want within 1Password in a secure way.



Thanks again for the feedback,

mtatmc

One possible quick add would be to add a hook to applescript. At that point users could to some degree "roll their own" actions based on data in Accounts.



[quote name='stu' timestamp='1286467550' post='12828']

The 'Accounts' section of 1Password gives you templates for commonly used non-web logins, such as servers, iTunes, FTP, IM, e-mail etc. The advantage of using these templates over a 'Secure Note' is that each field can be copied individually with the click of a button when you hover over the field instead of having to select the text and then copy it from the note. Ideally, we'd love to be able to have 'Accounts' work the same way as 'Logins' do, but a lot of this would require support from Apple and other 3rd parties, and in all honesty I just don't see that coming.



In the future we're looking to make it possible to customise these templates as well as allowing you to create new ones, the idea being to allow users to store as much information as they want within 1Password in a secure way.



Thanks again for the feedback,

[/quote]

khad

Thanks for the suggestion! I know there have been AppleScript security concerns in the past. We will continue to evaluate how or if AppleScript fits with 1Password from technical, usability, and security standpoints.

Jamie Thingelstad

[quote name='stu' timestamp='1286467550' post='12828']

The 'Accounts' section of 1Password gives you templates for commonly used non-web logins, such as servers, iTunes, FTP, IM, e-mail etc. The advantage of using these templates over a 'Secure Note' is that each field can be copied individually with the click of a button when you hover over the field instead of having to select the text and then copy it from the note. Ideally, we'd love to be able to have 'Accounts' work the same way as 'Logins' do, but a lot of this would require support from Apple and other 3rd parties, and in all honesty I just don't see that coming.



In the future we're looking to make it possible to customise these templates as well as allowing you to create new ones, the idea being to allow users to store as much information as they want within 1Password in a secure way.



Thanks again for the feedback,

[/quote]



I would like to +1 this feature request. As a systems guy that has dozens of password that need to be secured in Unix machines, it would be awesome to have the kind of autofill capability that we have in a web browser accessible from Terminal.app. My dream would be that I could easily access my stored passwords (probably just "Accounts" of certain types) inside of an open Terminal.app window and then have the password or username selectable to send to the window.



Short of that, It would be REALLY nice to be able to have more "Account Types". An "ssh" type would be killer, especially if it could launch a terminal window with the credentials.



Even better, would be a way for users to create there own account templates. I would make several right away...

khad

Welcome to the forums, Jamie! We are looking at including custom templates in a future version. This is definitely on our radar. Consider using the FTP template for SSH in the meantime.



I would also love to see Terminal support, but it is not a simple task. There is talk of bringing the [url="http://help.agile.ws/1Password_Windows/auto-type.html"]Auto-Type feature from 1Password for Windows[/url] "back to the Mac." I don't have a time frame for a specific release, but it could certainly bridge the gap for many apps. As a 1Password [i]user[/i] I am very excited about this on a personal level.

maelcum

Hello.



I found this thread by searching for various keywords while trying to find out if there is any way to access data in 1Password from the shell/Terminal.app in OS X.

Kind of like the (Apple) Keychain Scripting Access, though I would prefer the Un*x shells (bash/tcsh/zsh) rather than AppleScript. But then - any would do.



Since this thread is a little older, please allow me to ask: Are there any plans - or have there any plans been dismissed for certain reasons - for such an access method to 1Password?



Thank you very much in advance.



maelcum

khad

There are currently no plans to implement this, but we never say "never". The majority of the reason is that the time and effort to implement this would be rather large, and we need to focus on features that the greatest number of our users can benefit from. If we ever get time to dig into this or Apple rolls out some super-secure method of doing this which is baked into the OS, it will likely become a no-brainer. Until then we need to keep our limited developer resources focused on progressing the core functionality of 1Password.



We have been evaluating another feature which I believe would obviate the need for this for many folks, but I can't share any details on it at the moment.



Thanks for your passion here. I have passed this along to the developers.

maelcum

Understood. Thanks for taking the time to explain it thoroughly. Much appreciated.

khad

It is my pleasure! Thanks for your patience and understanding. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />

Nogbad The Bad

ssh keys might work for you.



http://en.wikipedia.org/wiki/Secure_Shell#Key_management



http://en.wikipedia.org/wiki/Ssh-keygen



I've used it at work with windows & putty, but is should work under OS X.

Nogbad The Bad

oops double post

maelcum

[quote name='Nogbad The Bad' timestamp='1310983187' post='32259']

[/quote]

Hello Nogbad,



are you referring to my request?

If so - thanks a lot, but I'm using ssh-keys, -agent, -forwarding and such every day and like to assume to be quite proficient at doing so. Nevertheless thank you for pointing that out.



My request was not targeted at ssh, but at scripting in general, preferrably a unix shell. I am using Keychain-Scripting of the OS X Keychain to store and extract passwords for various services, and by using osascript can fetch credentials for further use in the bash-scripts (albeit AppleScript is dead slow and the osascript-bridge even more so). But as an avid 1Password user, it holds the majority of my logins/notes/secrets and I would love to use it rather than the OS X keychain. Thus my question.



In other words: I'm looking for an API to access 1Password data on OS X. Just like [url="http://keepass.info/help/v2_dev/scr_index.html"]this[/url] for Keypass (which we use at work unter Win/Linux). I would be ready to go the extra mile it it takes to access in C++/C#/ruby/python/whatever, but it all starts with the availability of an API.