Initialization¶
sshx init
performs initialization.
$ sshx init
$ tree ~/.sshx
~/.sshx
└── .accounts
It will create the config file ~/.sshx/.accounts
which stores the accounts info.
If the config files are damaged you’ll probably lost all the accounts added, so DON’T TOUCH IT.
Customize config location¶
You can set environment variable SSHX_HOME
to customize the location of config files, the default value is ~/.sshx
.
Config file format¶
The passwords of accounts and passphrases of identities are stored encrypted.
The phrase
field is a string randomly generated during initialization to encrypt and decrypt the passwords of accounts and the passphrase of identities.
It’s very important to keep the config file save, otherwise your passwords may leak.
Want more secure, see Security Option
{
"security": false,
"phrase": "acnhPz21bUfx1PE",
"accounts": [
{
"name": "host1",
"user": "root",
"host": "172.17.0.2",
"port": "22",
"password": "InJvb3Qi.gM0vblkle9Utv5NrW6Q_WzZEgSg",
"identity": "",
"passphrase": "",
"via": ""
},
{
"name": "host2",
"user": "root",
"host": "192.168.0.6",
"port": "22",
"password": "InJvb3Qi.gM0vblkle9Utv5NrW6Q_WzZEgSg",
"identity": "",
"passphrase": "",
"via": ""
}
]
}
Force initialization (Dangerous)¶
Delete the previous config files and perform initialization.
sshx init --force
If it’s previous inited, sshx init
would failed which protect the config file from being damaged.
Only if you’re sure you don’t need the existing accounts anymore, you could add this option.
--force
option can be used with --security
option.
Security Option¶
Enable security option during initialization:
sshx init --security
This option will ask you to set a phrase
manually for encryption and decryption. The phrase
won’t be stored in the config file, instead the SHA1 hash of it would be stored for verification.
If the security option was enabled, you would be asked to input the phrase
from prompt every you execute a command of sshx that need to access the encrypted data.
This option could be changed after initialization.
Enable security option. This will ask you to set a phrase
and re-encrypt all sensitive data.
sshx config --security-on
Disable security option. This will ask phrase
from prompt for verification, generate a new random phrase and re-encrypt all sensitive data.
sshx config --security-off
Change phrase
: If security option was disabled, re-generate a random phrase, otherwise it would ask user to input the current phrase
, verify it and ask user to set a new phrase
.
sshx config --chphrase