Security – Jeffrey Bostoen https://jeffreybostoen.be Freelance iTop consultant and developer - IT Consulting - Official iTop Partner Fri, 20 Mar 2026 14:46:28 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://jeffreybostoen.be/wp-content/uploads/2023/01/cropped-android-chrome-512x512-1-32x32.png Security – Jeffrey Bostoen https://jeffreybostoen.be 32 32 BitWarden 2026 as SSH agent for Visual Studio and Windows Subsystem for Linux (WSL) https://jeffreybostoen.be/bitwarden-2026-as-ssh-agent-for-visual-studio/ Tue, 17 Mar 2026 20:24:15 +0000 https://jeffreybostoen.be/?p=1455 I’m writing this in March 2026. The procedure already changed a couple of times because of BitWarden upgrades.

Goal

My objective is to be able to use the SSH keys stored in BitWarden in Visual Studio, and more in particular in combination with the SSH FS – Visual Studio Marketplace extension.

This SSH FS extension allows users to connect to a remote server using the SSH protocol, and to mount folders and write to remote files.

Prerequisite

Current Microsoft Windows versions come with their own OpenSSH service.

We want to use the standard OpenSSH pipe, and make Bitwarden prompt to authorize the SSH keys stored in BitWarden.

To accomplish this, we must disable the OpenSSH service. Otherwise, BitWarden can not take over.

Stop-Service ssh-agent -Force
Set-Service -Name ssh-agent -StartupType Disabled

Now, confirm that no pipes are shown anymore. The following command should not list anything related to openssh-ssh-agent anymore.

[System.IO.Directory]::GetFiles("\\.\pipe\") | Where-Object { $_ -like "*ssh*" }

Enabling the BitWarden SSH agent

  1. Start BitWarden. If it was already running, restart it. It may be necessary to do this explicitly as an administrator.
  2. Go to Settings > SSH Agent.
  3. Ensure Enable SSH agent is checked.

Check if this shows the pipe:

[System.IO.Directory]::GetFiles("\\.\pipe\") | Where-Object { $_ -like "*ssh*" }

The output should be this:

\\.\pipe\openssh-ssh-agent

If you try the following command, it should now list the SSH keys that you have available in BitWarden.

ssh-add -l

Configuring SSH FS in VS Code

(Re)start Visual Studio. When you go to SSH FS and edit a configuration for a remote server, focus on this:

  • Don’t set a private key; don’t point to a private key file.
  • Look for the Agent setting and make sure it points to \\.\pipe\openssh-ssh-agent

This should be enough.

As soon as you want to connect to this remote server within VS Code, you should see BitWarden requesting your authorization.

Using the SSH agent in WSL

If you install for example an Ubuntu distribution and use bash, you may be inclined to try this simple listing of SSH keys – and see it fails.

jbostoen@ltJeffrey2024:/mnt/c/Users/jbost$ ssh-add -l
Could not open a connection to your authentication agent.

The secret sauce is that you can actually use ssh.exe and ssh-add.exe – Which work!

jbostoen@ltJeffrey2024:/mnt/c/Users/jbost$ ssh-add.exe -l
256 SHA256:xxx somename (ED25519)

If need, you can alias those commands.

nano ~/.bashrc


Add this alias at the bottom:

alias ssh='ssh.exe'
alias ssh-add='ssh-add.exe'

SSH in Windows

To faciliate your life, you can create this kind of config file ( %userprofile%\.ssh\config ):

# On Windows, use forward slashes for the identity agent.

Host jump
    HostName xxx.be
	Port 1234
    User root
	IdentityAgent //./pipe/openssh-ssh-agent

Host someremotehost
    HostName 1.2.3.4
    Port 5678
    User jeffrey
    ProxyJump jump
    IdentityAgent //./pipe/openssh-ssh-agent

After that, you can shorten your command syntax a lot to:

ssh -J jump someremotehost

]]>