Skip to content

How it works ‚Äč

ssh-vault will randomly create a password and use it for encrypting the contents of the vault using a symmetric cipher AES256|ChaCha20Poly1305, the password later will be encrypted using the SSH public key (RSA or Ed25519) of the receiver.

how

https://en.wikipedia.org/wiki/Pretty_Good_Privacy

When creating a vault, the option -u user will fetch the receiver ssh public keys from GitHub or any other server provide server

 https://github.com/<username>.keys

Example fetchinig keys from GitLab

sh
ssh-vault create -u https://gitlab.com/alice.keys

This helps to create a vault very straight forward, since both the sender and receiver don't need to exchange their keys before in order to share sensitive data, therefore this helps to work asynchronously.