SSH Agent over RDP - Windows Hello fallback yet?
There are previous discussions about how the SSH agent cannot be used within an RDP session, because RDP does not allow for Windows Hello authentication popups. This is usually seen when RDP'd into a Windows desktop, trying to use something that is attempting to use an SSH key, and gets the "agent refused operation" error. There were mentions that development was ongoing to provide a fallback mechanism to allow the SSH agent to continue to work when Windows Hello was unavailable. Is there any news on how this is coming?
See https://1password.community/discussion/128652/bug-ssh-agent-cannot-be-used-when-connected-via-remote-desktop for one reference to previous discussions.
For specific reference, I run 1Password with the SSH agent on my Windows 11 desktop. I SSH into another server from Powershell with the built-in OpenSSH command line client. When I'm at the physical computer, Windows Hello pops up for my PIN, 1Password provides my SSH key, and everything's good. When I RDP into my desktop and attempt the same command line SSH client to another server, the "agent refused operation" error message is returned. In 1Password's logs, there is only a single line logged at the time of attempting to use the SSH agent over RDP: "INFO 2022-06-28T21:48:38.498 tokio-runtime-worker(ThreadId(2)) [1P:ssh\op-ssh-agent\src\lib.rs:409] Session was not authorized"
1Password Version: 8.7.3
Extension Version: Not Provided
OS Version: Windows 11
Browser:_ Not Provided
Comments
-
You can now use the SSH agent in an RDP session. The Windows Hello requirement has been lifted.
0