Does Goldwarden's SSH-Agent support exposing secret-key ssh-keys (for example ed25519-sk) #301
Comments
|
Currently sk keys are indeed not supported. What is the use-case for you? The key is stored on the security key, right? So would this be a "back-up" means? Or do you want to have regular keys in goldwarden, and use the same ssh-agent for exposing your keys stored on the security key? |
|
Yes, i do want to use goldwarden's ssh-agent for exposing the keys stored on the security key. Theoretically i could also use multiple ssh-agents, but i would rather have just one. |
Charging1948
changed the title
|
Ok, just to make sure I understand, are there other, separate, regular keys that are stored in bitwarden that are also used via the ssh agent? Otherwise what benefit does goldwarden bring, compared to just the regular ssh agent? Or, is this about syncing the "private key" file ( For just using both kind of keys in parallel, it would be fairly easy to add support for goldwarden to route through requests that it does not have a key for to the systems ssh agent, so that both keys can be used side-by-side. For the latter, I think this is not supported by the ssh package of golang yet (golang/go#69904), so that would block support for now. |
|
Yes i do have other, separate regular keys in my bitwarden vault, that i also want to use. But i think my use case is quite rare, so i will probably use goldwarden without the ssh-agent for now. Thank you for your time! Feel free to clos this, if you want to. |
I just tried to add my ssh-key of the format
sk-ssh-ed25519to goldwarden usinggoldwarden ssh import ~/.ssh/key.Creation of the ssh-key was done using:
ssh-keygen -t ed25519-sk -C "your_email@example.com"The output of running above command is:
This makes me think that goldwarden cannot currently handle SSH-Keys with Security-Keys.
Will there be support for those in the future?
Or did i do something wrong?
The text was updated successfully, but these errors were encountered: