Manage SSH keys

app:all

#1

The ‘other’ kind of authentication I find myself having to manage is ssh keys. In a perfect world, there would be some mechanism that I could trust to generate a long key, store the key pair on the origin machine only (and back them up to a secure vault) and distribute the public key to the servers I nominate.

Having some central control over this would certainly help preserve (what remains of) my sanity:

  1. just by managing the files themselves, and their secure delivery to servers. Making this easier reduces the urge to slip into the bad habit of reusing key pairs. Automating the ‘best practices’ means they’re much more likely to be followed.

  2. being able to invalidate keys at a stroke would do much to mitigate the lack of passphrases on keys (e.g. the situation where a laptop is stolen - open the Bitwarden app on your smartphone and mark that key pair as revoked).

  3. the ability to externally impose an ‘expiration’ period on keys. Bonus points for automatic rotation of keys on a schedule, so it ‘just happens’ without manual intervention.

This is a pain-point for me, and I expect every developer/dev ops/infosec person out there.

  • Paul

#3

I feel like this feature would scratch an itch for even enterprise business accounts and the like. I see people asking for this in enterprise-level software and having to stand up massive solutions to solve a problem that Bitwarden seems positioned to solve easily.

Down deep inside, my inner-troll is dying to tell my colleagues that I have an affordable solution that trumps their $100K annual spend. :joy:


#4

This would be great. I’ve been looking for a replacement to KeeAgent (KeePass addon that emulates PuTTY Pageant). Or even not having to use Pageant either. Having this SSH agent in the Bitwarden desktop client would be awesome.

If not, then at the very least a way to store the SSH keys


#5

I 100% support this feature request.

It’s the biggest reason for anyone to switch from KeePass/KeeAgent to BitWarden.


#6

This is a very important feature to me. I’m trying to get my company get bitwarden and this would be a big bonus.

I personally use KeePass/KeeAgent to manage my ssh keys currently.


#7

I used it with keepass and keeagent and i really miss it here.


#8

bump this up

hell yes, ssh keys are the way to go for maschine auth.
but does it makes sense to have our comparativly weak passwords encrypted in bitwarden and multi factor secured while having our ssh keys stored in plain sight on the harddrives.
best case we password secure them but this is annoying to enter password everytime i load pagent.

also i dont think this would be very hard to implement, could be part of bitwarden desktop
and existing code is opensource


#9

I fully agree this feature is needed.

If this feature existed it would be a no-brainer over competitors.


#10

I would love to see this in bitwarden!