Skip to content

How it works ‚Äč

ssh-vault will randomly create a password and use it for encrypting the contents of the vault using a symmetric cipher AES256|ChaCha20Poly1305, the password later will be encrypted using the SSH public key (RSA or Ed25519) of the receiver.


When creating a vault, the option -u user will fetch the receiver ssh public keys from GitHub or any other server provide server<username>.keys

Example fetchinig keys from GitLab

ssh-vault create -u

This helps to create a vault very straight forward, since both the sender and receiver don't need to exchange their keys before in order to share sensitive data, therefore this helps to work asynchronously.