Advanced SSH Agent Uses

This document provides guides to use Bitwarden SSH agent for advance use cases. To learn more about the Bitwarden SSH agent, or get started with the Bitwarden SSH agent, see the SSH Agent document.

SSH connect to servers and virtual machines with SSH keys securely stored in Bitwarden.

1. To begin, make sure the SSH agent has been enabled on your Bitwarden desktop app by navigating to Settings  and Enable SSH agent:
   

   

2. Create a new SSH key or import and existing SSH key to your Bitwarden desktop app.
   

   

3. You may now connect to your server using SSH connection. The SSH agent will retrieve the key from the SSH agent rather than a stored file path:
   

   BashCopy
   ssh username@server-ip

4. Bitwarden will prompt you to approve the SSH key access. This will show that the SSH key has been requested and used to complete the file transfer.
   

   

SSH agent forwarding is a ay to allow remote server you are accessing to authenticate to other servers using your keys, without exposing your private keys outside of your vault. The server you are logged in to can request your local Bitwarden instance to authenticate to the remote server. In this example, we will demonstrate transferring files between servers:

1. To begin, make sure the SSH agent has been enabled on your Bitwarden desktop app by navigating to Settings  and Enable SSH agent:
   

   

2. Create a new SSH key or import and existing SSH key to your Bitwarden desktop app.
   

3. Activate agent forwarding by opening a connection with the server you wish to send files to:
   

   BashCopy
   ssh -A <IP.ADDRESS>

4. Send a file to the server:
   

   BashCopy
   rsync -avzP ./TEST.txt <USER>@<IP>ADDRESS>:/home/<USER>/test.txt

5. Bitwarden will prompt you to approve the SSH key access. This will show that the SSH key has been requested and used to complete the file transfer.