Create vault from stdin


ssh-vault can read from standard input (stdin) when creating a vault.

Instead of creating a vault from scratch, a vault can be created by using an existing file, for example if Alice wants to send a file (txt, pdf, jpg) to Bob she could so something like:

ssh-vault -u bob create < /path/to/file > bobs.vault


cat /path/to/file | ssh-vault -u bob create bobs.vault

To restore the file for example my.pdf:

ssh-vault -o /path/to/my.pdf view bobs.vault

you can choose any name you want for the vault, in this example the vault contents will be written to file bobs.vault

on the fly

In case you just want to send a simple string/password this can be used:

echo "secret" | ssh-vault -u bob create

notice that no vault was defined this means that output will be STDOUT

On a mac you could do this one-liner in order to have the output on the clipboard:

echo "secret" | ssh-vault -u bob create | pbcopy

view stdin

If some one send you a vault you can pass directly to ssh-vault and view it:

echo "SSH-VAULT;AES256;24:c6:6f:33:49:de:d7:bb:77:cf:e9:78:4c:e9:25:5f
o" | ssh-vault view

So for testing only purposes when using same key this should work (if ssh-key has no password):

echo "secret" | ssh-vault -u bob create | ssh-vault view
comments powered by Disqus