SSH agent: don't prompt for authorization when vault is unlocked

Just made an account as well to throw in my 2 cents for this being annoying.
Can’t stand the constant popup to re-authorize, had to switch back to using openssh. This feature is unusable with the constant pop-ups, why can’t it be more like open ssh agent, and just run silently in the background.

I’m adding my 2 cents as well. I think even a caching for a destination or requester’s approval would be good. Currently it’s prompting all the time.

Also just made an account to support this! Any form of caching to reduce notifications would be nice

The PR adding this setting is here: [BEEEP/PM-15871] Add SSH-agent "never" and "remember until lock" reprompt settings by quexten · Pull Request #13995 · bitwarden/clients · GitHub.

As for caching destination, I think that is also a good idea, and it is possible using the openssh session-bind extension, which is a somewhat larger development effort.

10 Likes

Ideally we would also have a “Request authorization after n minutes since last authorization” and a “Request authorization after n minutes since last use” So we can set a more aggressive security behavior then is set for the entire vault.

I would say this would be a nice option if you could enable it. It would also be great if the prompt would open in a new floating window on the currently focused workspace similar to how 1Password does it.

1 Like

Adding my support!

I also want to add my support here!!!
Please add this to the SSH-Agent and add the feature to turn off the manual authorise step.
If my vault is unlocked I am already authorised.
It should be available like it is implemented in KeypassXC.

This right here is one biggest things keeping me from switching back from 1Password.

Some GUI quircks I dont like with Bitwarden; the popping up the main window and a subwindow inside of it for SSH Agent is one.

Caching approvals for SSH Agent would be another, as if I have to approve for every commit or fetch/pull, that would drive me insane. Especially as others have mentioned VSC does this periodically, and on launch.

But otherwise, love the progress that’s been made on this feature!