-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does Goldwarden's SSH-Agent support exposing secret-key ssh-keys (for example ed25519-sk) #301
Comments
Currently sk keys are indeed not supported. What is the use-case for you? The key is stored on the security key, right? So would this be a "back-up" means? Or do you want to have regular keys in goldwarden, and use the same ssh-agent for exposing your keys stored on the security key? |
Yes, i do want to use goldwarden's ssh-agent for exposing the keys stored on the security key. Theoretically i could also use multiple ssh-agents, but i would rather have just one. |
Ok, just to make sure I understand, are there other, separate, regular keys that are stored in bitwarden that are also used via the ssh agent? Otherwise what benefit does goldwarden bring, compared to just the regular ssh agent? Or, is this about syncing the "private key" file ( For just using both kind of keys in parallel, it would be fairly easy to add support for goldwarden to route through requests that it does not have a key for to the systems ssh agent, so that both keys can be used side-by-side. For the latter, I think this is not supported by the ssh package of golang yet (golang/go#69904), so that would block support for now. |
Yes i do have other, separate regular keys in my bitwarden vault, that i also want to use. But i think my use case is quite rare, so i will probably use goldwarden without the ssh-agent for now. Thank you for your time! Feel free to clos this, if you want to. |
I just tried to add my ssh-key of the format
sk-ssh-ed25519
to goldwarden usinggoldwarden ssh import ~/.ssh/key
.Creation of the ssh-key was done using:
ssh-keygen -t ed25519-sk -C "your_email@example.com"
The output of running above command is:
This makes me think that goldwarden cannot currently handle SSH-Keys with Security-Keys.
Will there be support for those in the future?
Or did i do something wrong?
The text was updated successfully, but these errors were encountered: