ssh_vault/vault/ssh/
mod.rs

1pub mod ed25519;
2pub mod rsa;
3
4use anyhow::{Context, Result};
5use secrecy::{ExposeSecret, SecretString};
6use ssh_key::PrivateKey;
7
8/// Decrypts a private key with a password.
9///
10/// # Errors
11///
12/// Returns an error if prompting for the passphrase fails or the key cannot be
13/// decrypted.
14pub fn decrypt_private_key(key: &PrivateKey, password: Option<SecretString>) -> Result<PrivateKey> {
15    let password = match password {
16        Some(password) => password,
17        None => SecretString::from(rpassword::prompt_password("Enter ssh key passphrase: ")?),
18    };
19
20    // Decrypt the private key
21    key.decrypt(password.expose_secret())
22        .context("Failed to decrypt private key, wrong password?")
23}
ssh_vault/vault/ssh/mod.rs

ssh_vault/vault/ssh/
mod.rs
