SSH Feature questions

2»

Comments

  • That's one of the options we're exploring. One downside of that approach is that in shared vaults, someone on your team would be able to change everyone else's SSH agent behavior, while all other SSH agent configuration is (intentionally) local to each device.

  • negnetsolutions
    negnetsolutions
    Community Member

    @floris_1P It's better, but still very annoying since I tend to have many terminal processes running inside of tmux and vim.

  • ragectl
    ragectl
    Community Member
    edited June 2022

    @floris_1P is there any update on possible changes to the restriction on having SSH keys in the 'default' ("Personal" in my case) vault?

    I have a personal 1P account, nobody else has access to it, but I am forced to keep all my items in this "Personal" vault that are not personal items.

    Can the developers at least allow extra vaults for accounts with a single login attached?

    I understand the reluctance about using shared vaults, but I work in teams that have shared SSH keys as back-up for when network authentication fails and we have never had an issue with misuse of the keys.
    Perhaps that could be addressed by enforcing security over who can edit entries, rather than restricting use of those entries?

  • @ragectl Unfortunately there are no updates yet regarding this feature.

  • @negnetsolutions In the latest beta, you can now configure the SSH agent authorization model to not prompt for each terminal tab, but only once per application. Let me know if that improves things for you!

  • negnetsolutions
    negnetsolutions
    Community Member

    @floris_1P That's neat. I'll give it a try. Thanks.

  • On behalf of Floris, you're welcome.

  • @kevinneufeld @Enceladus @nikolamilekic @ragectl

    I wanted to let you know that we're currently working on a solution that allows for the following:

    • Enable keys from other vaults than the Private vault.
    • Create isolated setups with certain keys offered on a separate socket.
    • Control the order in which keys are offered to SSH servers.

    It would be great to get your feedback on our proposal, if you're (still) interested. You can do so by joining the #ssh-agent-config channel in our Slack workspace.

  • ragectl
    ragectl
    Community Member

    @floris_1P good to hear thanks. I will take a look

This discussion has been closed.