It would be great to have the ability to forward SSH authentication requests from WSL to the Bitwarden Windows SSH Agent to simplify managing of SSH keys across multiple dev environments within Windows.
Isn’t this already possible with SSH Agent Forwarding?
To the WSL session you want to provide with access to the ssh-agent:
ssh -A <Hostname>
So, if you have an Ubuntu WSL2 host called foo.
ssh -A foo
Then any ssh work on foo should use the keys provided by Bitwarden desktop on the Windows host.
I think you misunderstood the request. It is about being able to use native SSH in WSL2 (and other tools) with Bitwarden SSH agent running on the host machine with Windows.
I think I understand the question.
Here I will restate it with explicit names:
“It would be great to have the ability to forward SSH authentication requests from WSL (foo) to the Bitwarden Windows SSH Agent (running on baz) to simplify managing of SSH keys across multiple dev environments (such as a separate WSL instance named bar) within Windows.”
Maybe a more detailed explanation:
On baz run ssh -A foo (First Connection):
When you connect to foo with -A, your local ssh client tells the sshd (SSH daemon) on foo that you want to enable agent forwarding. A special “forwarding channel” is created between your local ssh-agent and the sshd on foo.
On foo (Intermediate Server):
If you then try to SSH from foo to another server (let’s call it bar), the ssh client on foo will not look for a private key on foo itself. Rather, it will forward the authentication request back through the secure SSH connection to your local ssh-agent running on baz.
If that is not what is meant, what is?
Native support would be great, but for those looking for a workaround, I’ve found using Windows’ ssh.exe the easiest solution. To make it as close to seamless as possible, add the following to your .bashrc or .zshrc:
alias ssh='ssh.exe -F ~/.ssh/config'
git config --global core.sshCommand "ssh.exe -F ~/.ssh/config"
alias ssh-add='ssh-add.exe'
alias scp='scp.exe'
alias sftp='sftp.exe'
The git config only needs to be run once, but adding it to my rc is the easiest for me. Any other programs that make use of ssh underneath will also need to be manually configured (i.e. Ansible).
This is kinda borked for me. It works for ssh but not for git. Does it still work for you?
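Added example, not part of any post in this thread: a shell check of which SSH client git will run from inside WSL. Shell aliases only apply to interactive shells, while git takes its SSH command from GIT_SSH_COMMAND, core.sshCommand or GIT_SSH, so the two paths can diverge. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): report which SSH client git would run,
# to check whether git follows the same ssh.exe path as the interactive aliases.

# Print the SSH command git will use, following git's precedence:
# GIT_SSH_COMMAND, then core.sshCommand, then GIT_SSH, then plain "ssh".
git_ssh_command() {
    if [ -n "${GIT_SSH_COMMAND:-}" ]; then
        printf '%s\n' "$GIT_SSH_COMMAND"
        return 0
    fi
    cfg=$(git config --get core.sshCommand 2>/dev/null) || cfg=""
    if [ -n "$cfg" ]; then
        printf '%s\n' "$cfg"
    elif [ -n "${GIT_SSH:-}" ]; then
        printf '%s\n' "$GIT_SSH"
    else
        printf 'ssh\n'
    fi
}

# Classify a command line by its first word: a *.exe client runs on the
# Windows side, anything else is the Linux client inside WSL.
# Assumption: the client path contains no spaces.
ssh_client_side() {
    set -- $1
    case "${1##*/}" in
        *.exe) echo windows ;;
        *)     echo wsl ;;
    esac
}

# Summarize the result; for the WSL client, also show the agent socket it uses.
report() {
    cmd=$(git_ssh_command)
    side=$(ssh_client_side "$cmd")
    echo "git will run: $cmd ($side client)"
    if [ "$side" = wsl ]; then
        echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-<unset>} (agent socket the WSL client uses)"
    fi
}

report
```

If the report shows a wsl client while the interactive ssh alias points at ssh.exe, git is not using the Windows-side agent path that the aliases use.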