Support for SSH private key print.

[Reisen]

Right now I can print the public key from freepass, or add the private key to ssh-agent. Are there any plans to allow printing the private key as well? I want to be able to export the keys for use but right now I have to do it in a round about way. Is this an option you are considering adding?

[valpackett]

Of course I have considered it, but I don't want to export private keys without encryption. If you could help me with implementing OpenSSH's key encryption, that would be great :-)

[Reisen]

Yeah I'd be happy to give that a shot. I was looking at the "openssh-key-v1" format and it seems there's only a few minor differences for ed25519 keys. Looks to be as simple as specifying the cipher and kdf along with an unencrypted list of public keys with an encrypted list of private.

Quick question though. Are you going to force encryption on the exported key? I assume when you choose 'Export Private Key', you will ask for a password to encrypt the private key, but will you allow an empty password similar to ssh-keygen where encryption can be ignored? I ask because, for example, I want to use freepass to store ssh keys for computers under my gitlab instance, and I don't want to use ssh-agent on those systems. So if you force encryption I'll have to enter the password with each git operation on systems where I am not incredibly worried about security.

[valpackett]

Yeah, the important part is showing the password prompt. Maybe also a "are you sure you want to use an empty password?" prompt, but that's it.