{"id":30940226,"url":"https://github.com/danielrobbins/keychain","last_synced_at":"2026-02-19T20:38:42.273Z","repository":{"id":615583,"uuid":"254092","full_name":"danielrobbins/keychain","owner":"danielrobbins","description":"A manager for ssh-agent and gpg-agent","archived":false,"fork":false,"pushed_at":"2025-11-02T18:58:45.000Z","size":477,"stargazers_count":931,"open_issues_count":16,"forks_count":118,"subscribers_count":27,"default_branch":"master","last_synced_at":"2026-01-17T05:53:42.599Z","etag":null,"topics":["gpg","gpg-key","security","security-tools","shell","ssh","ssh-client","ssh-key"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/danielrobbins.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.txt","copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"danielrobbins","custom":["https://paypal.me/breezyops"]}},"created_at":"2009-07-18T01:59:20.000Z","updated_at":"2026-01-15T22:23:02.000Z","dependencies_parsed_at":"2026-01-03T11:09:42.561Z","dependency_job_id":null,"html_url":"https://github.com/danielrobbins/keychain","commit_stats":null,"previous_names":["danielrobbins/keychain"],"tags_count":21,"template":false,"template_full_name":null,"purl":"pkg:github/danielrobbins/keychain","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielrobbins%2Fkeychain","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielrobbins%2Fkeychain/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielrobbins%2Fkeychain/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielrobbins%2Fkeychain/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/danielrobbins","download_url":"https://codeload.github.com/danielrobbins/keychain/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/danielrobbins%2Fkeychain/sbom","scorecard":{"id":414104,"data":{"date":"2025-08-11","repo":{"name":"github.com/funtoo/keychain","commit":"0c16d636fcb066964a454cc6463198bf45eaa7ff"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Maintained","score":8,"reason":"5 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":1,"reason":"Found 3/27 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/lint.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/funtoo/keychain/lint.yml/master?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING.txt:0","Info: FSF or OSI recognized license: GNU General Public License v2.0: COPYING.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 2.9.5 not signed: https://api.github.com/repos/funtoo/keychain/releases/219128178","Warn: release artifact 2.9.4 not signed: https://api.github.com/repos/funtoo/keychain/releases/218662765","Warn: release artifact 2.9.3 not signed: https://api.github.com/repos/funtoo/keychain/releases/218602525","Warn: release artifact 2.9.2 not signed: https://api.github.com/repos/funtoo/keychain/releases/216246762","Warn: release artifact 2.9.1 not signed: https://api.github.com/repos/funtoo/keychain/releases/216016870","Warn: release artifact 2.9.5 does not have provenance: https://api.github.com/repos/funtoo/keychain/releases/219128178","Warn: release artifact 2.9.4 does not have provenance: https://api.github.com/repos/funtoo/keychain/releases/218662765","Warn: release artifact 2.9.3 does not have provenance: https://api.github.com/repos/funtoo/keychain/releases/218602525","Warn: release artifact 2.9.2 does not have provenance: https://api.github.com/repos/funtoo/keychain/releases/216246762","Warn: release artifact 2.9.1 does not have provenance: https://api.github.com/repos/funtoo/keychain/releases/216016870"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'","Warn: branch protection not enabled for branch 'devel'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T23:23:23.982Z","repository_id":615583,"created_at":"2025-08-18T23:23:23.982Z","updated_at":"2025-08-18T23:23:23.982Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29630840,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T18:02:07.722Z","status":"ssl_error","status_checked_at":"2026-02-19T18:01:46.144Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gpg","gpg-key","security","security-tools","shell","ssh","ssh-client","ssh-key"],"created_at":"2025-09-10T20:02:11.746Z","updated_at":"2026-02-19T20:38:42.235Z","avatar_url":"https://github.com/danielrobbins.png","language":"Shell","funding_links":["https://github.com/sponsors/danielrobbins","https://paypal.me/breezyops"],"categories":["Shell","⚡ Productivity"],"sub_categories":["Useful Linux Tools"],"readme":"\nIntroduction to Keychain\n========================\n\n`Keychain` helps you to manage SSH and GPG keys in a convenient and secure\nmanner. It acts as a frontend to `ssh-agent` and `ssh-add`, but allows you\nto easily have one long running `ssh-agent` process per system, rather than\nthe norm of one `ssh-agent` per login session.\n\nThis dramatically reduces the number of times you need to enter your\npassphrase. With `keychain`, you only need to enter a passphrase once every\ntime your local machine is rebooted. `Keychain` also makes it easy for remote\ncron jobs to securely \"hook in\" to a long running `ssh-agent` process,\nallowing your scripts to take advantage of key-based logins.\n\n`Keychain` also integrates with `gpg-agent`, so that GPG keys can be cached\nat the same time as SSH keys.\n\nBash Completion\n===============\n\nKeychain includes bash completion support for command-line options, SSH keys,\nGPG keys, and the `--extended` key format (`sshk:`, `gpgk:`, `host:`).\n\nMost Linux distributions will install the completion script automatically when\nyou install keychain via your package manager.\n\nFor manual installation:\n\n- **System-wide** (requires `bash-completion` package and root access):\n  ```\n  sudo make install-completions\n  ```\n  This installs to `/usr/local/share/bash-completion/completions/` by default.\n  Use `PREFIX=/usr` for `/usr/share/bash-completion/completions/`.\n\n- **User-only** (no root required):\n  ```\n  mkdir -p ~/.local/share/bash-completion/completions\n  cp completions/keychain.bash ~/.local/share/bash-completion/completions/keychain\n  ```\n\nAfter installation, restart your shell or run:\n```\nsource /etc/bash_completion\n```\n\n**Tip:** If pressing tab doesn't show all possible completions when there are\nmultiple matches (e.g., `sshk:id_\u003ctab\u003e` completes to common prefix but doesn't\nlist all keys), add this to your `~/.inputrc`:\n```\nset show-all-if-ambiguous on\n```\nThen restart your shell or run `bind -f ~/.inputrc`.\n\nSupport This Project\n====================\n\nKeychain is maintained by [BreezyOps](https://breezyops.com) -\nDaniel Robbins' Open Source Innovation Lab. If you find it useful, please consider:\n\n- Starring the repository ⭐\n- Joining [Discussions](https://github.com/danielrobbins/keychain/discussions) to share tips and ask questions 💬\n- [Supporting development](https://paypal.me/breezyops) to help maintain and improve keychain! ❤️\n\nYour support helps keep this project alive and actively maintained, and supports the creation of future projects. Thank you!\n\nIMPORTANT - GitHub Contributors\n===============================\n\nPlease submit pull requests against the `master` branch which should track official\nreleases. Before submitting your PR, please:\n\n1. Make sure that you have [ShellCheck](https://shellcheck.net) enabled in your\n   IDE and that your changes don't introduce any bashisms or other non-POSIX things.\n   For any *intended* exceptions, such as non-quoting of expanded variables, please\n   insert a commented ShellCheck exception to disable the warning, and if not totally\n   obvious, then add a comment to the exception like this:\n\n       # shellcheck disable=SC2086 # this is intentional:\n\n   If you do not understand a ShellCheck warning, then don't just blindly disable it.\n   Do some research first, make any necessary changes, and then submit your PR.\n2. Please use tabs for initial indentation, not spaces.\n3. Don't use tabs at the end of lines, such as to align comments. Either use a full\n   line to add a comment or add a short comment at the end of a command, separating\n   the \"#\" from the actual command with just a single space.\n4. For any new features or options, update `keychain.pod` with documentation on how\n   to use the new feature.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdanielrobbins%2Fkeychain","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdanielrobbins%2Fkeychain","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdanielrobbins%2Fkeychain/lists"}