🧊 Introducing Melt, a quick and easy way to backup your Ed25519 SSH keys. Melt will backup and restore any Ed25519 SSH private key as a set of seed words. Write 'em down and never lose your key again! ✍️

@charm Do you happen to know of any tools that help manage/organise your keys andhosts .ssh/config? My config is nearly 200 lines and keeping everything organised and up-to-date across multiple machines is a bit of a headache lol

@amolith hi! We have wishlist for interacting with you .ssh/config:

But we're actually working on some new stuff around this, so stay tuned...

@charm Yep, I heard Toby Padilla mention some ideas Charm has for SSH stuff on Changelog #481 and I'm pretty excited to see what you all come up with :flan_guns:

@charm seem wasteful since there are plenty ty of other methods of backup you should be using already

@10leej this gives you an easy way to store your key offline. You don't even need a printer for a qr code, and could potentially memorize the seed words.

@charm I already use duplicity to have a copy of my home directory that backs up to my nas which then has a backup nas which backs up to off site.

It's easier to keep on one machine, in my opinion

@wago we wanted a way to back up the keys offline, just in case something happened.

Usb drives are a little risky. I've had one or two just go poopoo. Name brand not elcheapo generic. But generally ok i suppose. Probably good to switch them out like have 5 and go round robin or something.

@wago indeed. One of the nice things about seed words is that you can write them on a piece of paper and store it somewhere safe. Nothing mechanical/electrical to fail.

Yes like back in the 80's if you wanted software you could buy magazines at the bookstore and type in the binary code in hex that was printed in the mag. Last two on each row were a checksum so you would know right away about typos.

i threw together a python 1980's way. not tested, have to make another script to read input and turn back into file. :)

import sys
import hashlib

wide = 12

        filename = sys.argv[1]
        file = open(filename,'rb')
        bytecount = 0
        linecount = 0
        strlc = str(0)
        strline = strlc.zfill(6)
        while True:
                byte =
                if byte.hex() == '':
                        for x in range(wide+2-bytecount):
                                strline += " 00"
                        m = hashlib.blake2b(strline.encode("utf-8"))
                        strline += " " + m.hexdigest().upper()[-2:]
                        if bytecount>wide:
                                strline += " "+byte.hex()

                                m = hashlib.blake2b(strline.encode("utf-8"))
                                strline += " " + m.hexdigest().upper()[-2:]

                                strlc = str(linecount)
                                strline = strlc.zfill(6)
                                strline += " " + byte.hex()

        print("Could not open file.")

@charm Looks great 🤩.
But please let the user provide the seed via STDIN as it is otherwise in the history.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!