/bw-agent

An SSH Agent client which pulls ssh keys from Bitwarden secure notes.

Primary LanguageRustGNU General Public License v3.0GPL-3.0

Bitwarden Agent

A replacement for ssh-agent that pulls ssh keys from Bitwarden secure notes.

This project is not associated with the Bitwarden project, Bitwarden, Inc., or Vaultwarden

⚠️IMPORTANT⚠️: When using this client, please report any bugs or suggestions to us directly, regardless of whatever server you are using (Bitwarden, Bitwarden Self-Hosted, Vaultwarden, etc.). DO NOT use the official support channels.

Getting Started

  1. Copy config-sample.yaml to ~/.bw-agent.yaml or a temporary location if you'll be using oauth.
  2. Edit your config files and update the fields to match your setup. If you don't mind inputting your 2FA on start you can leave off the oauth client id and secret.
  • If you specified oauth credentials run bw-agent --config <path to config> encrypt > ~/.bw-agent.yaml to encrypt the sensitive fields
  1. Run eval "$(bw-agent run) (you may specify --config <path> if you've placed it in another location)
  2. Authenticate using your bitwarden master password

TODOs

  • Implement basic Bitwarden Client to pull Secure Notes
  • Implement ssh-agent client support to import SSH keys
  • Implement 2FA support for Bitwarden Client
    • TOTP Authenticator
    • Email
    • Yubico Authenticator
    • FIDO
  • Implement encryption on sensitive config fields
  • Implement ssh-agent server