This is what Bitwarden needs to do.
In the meantime, I’m just increasing MaxAuthTries to 20:
MaxAuthTries 20
I would like to see a toggle for adding keys to the agent, or not.
I like to add all my SSH keys to Bitwarden, but I do not use all of them very often. A lot of my SSH keys are used for services, so they do not need to be added to the SSH agent generally.
Thanks to @borsarinicola, @schuhu, @Schale01 for the bash script work and @tslivede for the pwsh equivalent.
Seconded.
I only recently figured out how and started using the Bitwarden ssh-agent myself. As I am apt to do–I immediately went FULL overboard and started creating a unique ssh key for every host I have access to. With the keys being stored in an encrypted vault that syncs across (client) devices–it seemed to make sense to treat these keys more like creating a unique password for every service you use. My main machine has the relevant .ssh/config host entries with corresponding IdentityFile bw-{host}.pub records. Each host has the relevant entry in authorized_keys for its dedicated Bitwarden stored credential and a hardware security key alternate.
Does my hobby homelab need this level of security? Absolutely not!
The main drawback to this approach that gives me pause is the need to have those bw-{host}.pub keys on any device that I connect from.
It would be great if Bitwarden and the ssh-agent could in some way:
Of course, I could just use a single “master” SSH key for all my various projects but given that authorizing 1 of (256) SSH keys with Bitwarden’s ssh-agent works the same as authorizing 1 of 1, I’d prefer the more secure approach.
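The per-host layout described in the post above, as an added example that is not part of the thread or Bitwarden's own tooling: a shell function that turns `ssh-add -L` output into `bw-{host}.pub` files and matching `Host` stanzas with `IdentitiesOnly yes`, so the client offers only that key to the server instead of every key the agent holds. It assumes each vault key's name appears as the key comment and follows the `bw-{host}` pattern; the function name and sample keys are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Assumption: each vault key's name is
# shown as the key comment in `ssh-add -L` output and follows bw-{host}.

# Constructed sample input in `ssh-add -L` format (the key blobs are fake).
SAMPLE_KEYS='ssh-ed25519 AAAAC3CONSTRUCTEDKEY1 bw-nas
ssh-ed25519 AAAAC3CONSTRUCTEDKEY2 deploy service key'

# Usage: ssh-add -L | gen_host_entries ~/.ssh >> ~/.ssh/config
# Reads "type blob comment" lines on stdin, writes one public key file per
# bw-{host} key into the given directory, and prints a Host stanza for each.
gen_host_entries() {
    outdir=$1
    mkdir -p "$outdir" || return 1
    while read -r ktype blob comment; do
        # Skip blank or malformed lines.
        [ -n "$ktype" ] && [ -n "$blob" ] || continue
        # Keys not named bw-{host} (e.g. service keys) get no Host entry.
        case $comment in
            bw-*) host=${comment#bw-} ;;
            *) continue ;;
        esac
        # The comment is untrusted text: refuse anything that could escape
        # the output directory or inject extra ssh_config directives.
        case $host in
            ''|*[!A-Za-z0-9._-]*) continue ;;
        esac
        pub="$outdir/bw-$host.pub"
        printf '%s %s %s\n' "$ktype" "$blob" "$comment" > "$pub"
        # IdentityFile may name a public key; ssh then asks the agent for the
        # matching private key. IdentitiesOnly limits the offer to that key.
        printf 'Host %s\n    IdentityFile %s\n    IdentitiesOnly yes\n\n' \
            "$host" "$pub"
    done
}
```

Keys whose names do not match the pattern stay in the agent but get no `Host` entry, and public key files need no special permissions since they hold nothing secret.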