Help Center

Advanced SSH Agent Uses

This document provides guides to use Bitwarden SSH agent for advance use cases. To learn more about the Bitwarden SSH agent, or get started with the Bitwarden SSH agent, see the SSH Agent document.

SSH connection

SSH connect to servers and virtual machines with SSH keys securely stored in Bitwarden.

  1. To begin, make sure the SSH agent has been enabled on your Bitwarden desktop app by navigating to Settings  and Enable SSH agent:

    Enable SSH storage on desktop client
    Enable SSH storage on desktop client
  2. Create a new SSH key or import and existing SSH key to your Bitwarden desktop app.

    Server key
    Server key
  3. You may now connect to your server using SSH connection. The SSH agent will retrieve the key from the SSH agent rather than a stored file path:

    Plain Text
    ssh username@server-<Hostname>
  4. Bitwarden will prompt you to approve the SSH key access. This will show that the SSH key has been requested and used to complete the file transfer.

    Verify SSH key server connection
    Verify SSH key server connection

SSH agent forwarding

SSH agent forwarding allows a remote server you are accessing to authenticate to other servers using your keys, without exposing your private keys outside of your vault. The server you are logged in to can request your local Bitwarden instance to authenticate to the remote server. In this example, we will demonstrate transferring files between servers:

  1. To begin, make sure the SSH agent has been enabled on your Bitwarden desktop app by navigating to Settings  and Enable SSH agent:

    Enable SSH storage on desktop client
    Enable SSH storage on desktop client
  2. Create a new SSH key or import and existing SSH key to your Bitwarden desktop app.

  3. Activate agent forwarding by opening a connection with the server you wish to send files to:

    Plain Text
    ssh -A <HostnameA>
  4. Send a file to the server:

    Plain Text
    rsync -avzP ./TEST.txt <USER>@<HostnameB>:/home/<USER>/test.txt
  5. Bitwarden will prompt you to approve the SSH key access. This will show that the SSH key has been requested and used to complete the file transfer.

    Confirm SSH Agent Forwarding
    Confirm SSH Agent Forwarding