SSH Agent support

[xillion]

+1

[stefman]

+1 would be very great to have SSH-Support into Enpass!

Is there any news on this, as the original Request is over three years old, now?

[Fadi]

+1 must have this feature.

[Gulshan Dogra]

Hi @all,

Thank you very much for your patience and support.

All your feedback on this forum has been forwarded to our concerned team and we are continuously reviewing your responses. This feature request is currently being examined by our backend team.

#SI-1081

[stanwu]

I would like to pay to subscribe this feature, it is amazing feature that after I tried 1Password 8 SSH agent, it is a total solution that add extra layer to protect id_rsa key also very flexible to management multi-ssh key issue  

[Gulshan Dogra]

Hi @stanwu,

Welcome to the Enpass community.

I have duly noted your feedback and it has been forwarded to our concerned team for further consideration.

#SI-1081

[Christof]

+1

 

[Jo Ried]

I use a WebDAV connection with a self-signed certificate for local synchronization. The DNS name that is automatically assigned by my router is very popular in Europe/Germany, nas.fritz.box. Enpass works perfectly with this setup because I can explicitly tell it not to verify the certificate because it's self-signed.

But am I creating a security vulnerability by doing this? Enpass automatically syncs the vaults when I open it. If someone wants to steal my vault, they will see that there is a DNS request for dns.fritz.box and create the DNS themselves. On the second attempt, when Enpass tries to sync, the hacker will accept every user and password and will now know the WebDAV DNS name, user, and password. What happens when Enpass tries to sync and sees that there is no file? Will the file be created and copied, or will there be an alert? If it is simply copied, my password file could be stolen when using hotel Wi-Fi. If there is an alert, I will know that someone is trying to steal my vault file. I know that self-signed certificates are not a good idea. It would be great if Enpass could use ssh(fs) for file syncing.

[Jo Ried]

2 hours ago, Jo Ried said:

I use a WebDAV connection with a self-signed certificate for local synchronization. The DNS name that is automatically assigned by my router is very popular in Europe/Germany, nas.fritz.box. Enpass works perfectly with this setup because I can explicitly tell it not to verify the certificate because it's self-signed.

But am I creating a security vulnerability by doing this? Enpass automatically syncs the vaults when I open it. If someone wants to steal my vault, they will see that there is a DNS request for dns.fritz.box and create the DNS themselves. On the second attempt, when Enpass tries to sync, the hacker will accept every user and password and will now know the WebDAV DNS name, user, and password. What happens when Enpass tries to sync and sees that there is no file? Will the file be created and copied, or will there be an alert? If it is simply copied, my password file could be stolen when using hotel Wi-Fi. If there is an alert, I will know that someone is trying to steal my vault file. I know that self-signed certificates are not a good idea. It would be great if Enpass could use ssh(fs) for file syncing.

Thanks for moving the question to ssh request, but there is still the open question regarding WebDAV will Enpass copy the file to a insecure location?

[Guno]

+1

[Warren]

Dear Esteemed Enpass Team,

I trust this message finds you well. I am a dedicated user of your exceptional product, Enpass. I am reaching out today to express my interest in a feature that I understand has previously been suggested by fellow users.

Three years ago, the prospect of integrating SSH agent functionality into Enpass was discussed. This capability, as you are likely aware, would greatly enhance our ability to manage SSH keys, thereby increasing the security of our SSH connections - a crucial factor in the current digital landscape.

Recognizing the importance of such a feature, I am writing to inquire about the progress of its implementation. Understanding the complexities involved in software development, I am aware that such processes require time and resources. Nevertheless, I believe this functionality would significantly enhance the usability of Enpass and provide a more secure and streamlined experience for your users.

I appreciate your time in reading and considering my request. Any updates you can provide on this matter would be greatly appreciated.

Thank you for your continued dedication to improving and maintaining the high standards of Enpass.

Edited May 10 by Warren