Just made an account as well to throw in my 2 cents for this being annoying.
Can’t stand the constant popup to re-authorize, had to switch back to using openssh. This feature is unusable with the constant pop-ups, why can’t it be more like open ssh agent, and just run silently in the background.
I’m adding my 2 cents as well. I think even a caching for a destination or requester’s approval would be good. Currently it’s prompting all the time.
Also just made an account to support this! Any form of caching to reduce notifications would be nice
The PR adding this setting is here: [BEEEP/PM-15871] Add SSH-agent "never" and "remember until lock" reprompt settings by quexten · Pull Request #13995 · bitwarden/clients · GitHub.
As for caching destination, I think that is also a good idea, and it is possible using the openssh session-bind extension, which is a somewhat larger development effort.
10 Likes
Ideally we would also have a “Request authorization after n minutes since last authorization” and a “Request authorization after n minutes since last use” So we can set a more aggressive security behavior then is set for the entire vault.
I would say this would be a nice option if you could enable it. It would also be great if the prompt would open in a new floating window on the currently focused workspace similar to how 1Password does it.
1 Like
Adding my support!
I also want to add my support here!!!
Please add this to the SSH-Agent and add the feature to turn off the manual authorise step.
If my vault is unlocked I am already authorised.
It should be available like it is implemented in KeypassXC.
This right here is one biggest things keeping me from switching back from 1Password.
Some GUI quircks I dont like with Bitwarden; the popping up the main window and a subwindow inside of it for SSH Agent is one.
Caching approvals for SSH Agent would be another, as if I have to approve for every commit or fetch/pull, that would drive me insane. Especially as others have mentioned VSC does this periodically, and on launch.
But otherwise, love the progress that’s been made on this feature!
1 Like
Is there anyone still experiencing same behaviour even after the recent (v2025.5.0) update?
I am still being prompted to authorize or deny the request, even though “Ask for authorization when using SSH agent” setting is set to “Never”.
I’m not sure this is documented yet, but as your screenshot shows, agent forwarding is active - you are exposing your agent to a remote system. This case is explicitly excluded, and will always prompt you, ignoring the setting.
The system you are authenticating to could otherwise use your ssh keys to authenticate to arbitrarily many systems.
Could you expand on your use-case for forwarding here? Maybe there is a case that we are not aware of yet.
Thank you for the quick response. I’m using a Windows machine with the Bitwarden app installed. From this machine, I connect to Linux systems to work on various projects that specifically require a Linux environment. That usually means I need to “connect” GitHub using ssh-key to pull and push changes. Is there an alternative to agent forwarding that I might not be aware of?
So I got very excited to see this feature was added to the recent Bitwarden Client 2025.5.0.
However my main use case is VSCode using remote SSH. This is extremely common for developers. Not allowing this feature to support that really didn’t solve anything for me. Unfortunate. Basically anytime the prompt says: “Warning: Agent Forwarding
This request comes from a remote device that you are logged into” it won’t remember.
Is there anything we can do? Will it ever be supported to remember remote device authorization?
1 Like
Thanks for the feedback. This is not a use-case captured so far, and I’ll check back with the product team on this. I’m hesitant to add a completely unchecked mode for remote devices, though I do understand this is the most convenient. Any thoughts on the following compromise:
If the connection is forwarded, then there is a checkbox in the dialog “Remember this choice for this host”. Then, this key would always be allowed for this remote device. This setting would be local to the desktop app installation.
1 Like
This and/or “remember this choice for this host until vault is locked” would be great addition in my opinion.
2 Likes
The new Bitwarden client now supports remembering the authorization!
Until now it works well for me → let’s see.
- SSH approval settings: A new setting is available for users who have enabled the SSH agent on the desktop app. You may specify when Bitwarden will require you to authorize access to an SSH credential stored in the vault. Learn more about SSH agent settings here.
This would be great, background remote git fetches are currently quite invasive.
Hello again, sorry for being pushy. Is there any update on this?