Jump to content
We’re on Reddit now 🎉 🎉 💬 Come and join us there!! ×
Enpass Discussion Forum
We’re on Reddit now 🎉 🎉 💬 Come and join us there!!

SSH Agent support

Programie

By Programie
in Feature requests

 Share

Recommended Posts

Gulshan Dogra Rising Star

Gulshan Dogra

Posted
Posted

Hi @all,

Thank you very much for your patience and support.

All your feedback on this forum has been forwarded to our concerned team and we are continuously reviewing your responses. This feature request is currently being examined by our backend team.

#SI-1081

stanwu Newbie

stanwu

Posted
Posted

I would like to pay to subscribe this feature, it is amazing feature that after I tried 1Password 8 SSH agent, it is a total solution that add extra layer to protect id_rsa key also very flexible to management multi-ssh key issue  

image.thumb.png.371f81f6393cdfd59a273e359fa0dcb8.png

  • Like 1
  • 9 months later...
  • 1 month later...
Jo Ried Newbie

Jo Ried

Posted
Posted

I use a WebDAV connection with a self-signed certificate for local synchronization. The DNS name that is automatically assigned by my router is very popular in Europe/Germany, nas.fritz.box. Enpass works perfectly with this setup because I can explicitly tell it not to verify the certificate because it's self-signed.

But am I creating a security vulnerability by doing this? Enpass automatically syncs the vaults when I open it. If someone wants to steal my vault, they will see that there is a DNS request for dns.fritz.box and create the DNS themselves. On the second attempt, when Enpass tries to sync, the hacker will accept every user and password and will now know the WebDAV DNS name, user, and password. What happens when Enpass tries to sync and sees that there is no file? Will the file be created and copied, or will there be an alert? If it is simply copied, my password file could be stolen when using hotel Wi-Fi. If there is an alert, I will know that someone is trying to steal my vault file. I know that self-signed certificates are not a good idea. It would be great if Enpass could use ssh(fs) for file syncing.

Jo Ried Newbie

Jo Ried

Posted
Posted
2 hours ago, Jo Ried said:

I use a WebDAV connection with a self-signed certificate for local synchronization. The DNS name that is automatically assigned by my router is very popular in Europe/Germany, nas.fritz.box. Enpass works perfectly with this setup because I can explicitly tell it not to verify the certificate because it's self-signed.

But am I creating a security vulnerability by doing this? Enpass automatically syncs the vaults when I open it. If someone wants to steal my vault, they will see that there is a DNS request for dns.fritz.box and create the DNS themselves. On the second attempt, when Enpass tries to sync, the hacker will accept every user and password and will now know the WebDAV DNS name, user, and password. What happens when Enpass tries to sync and sees that there is no file? Will the file be created and copied, or will there be an alert? If it is simply copied, my password file could be stolen when using hotel Wi-Fi. If there is an alert, I will know that someone is trying to steal my vault file. I know that self-signed certificates are not a good idea. It would be great if Enpass could use ssh(fs) for file syncing.

Thanks for moving the question to ssh request, but there is still the open question regarding WebDAV will Enpass copy the file to a insecure location?

Warren Newbie

Warren

Posted
Posted (edited)

Dear Esteemed Enpass Team,

I trust this message finds you well. I am a dedicated user of your exceptional product, Enpass. I am reaching out today to express my interest in a feature that I understand has previously been suggested by fellow users.

Three years ago, the prospect of integrating SSH agent functionality into Enpass was discussed. This capability, as you are likely aware, would greatly enhance our ability to manage SSH keys, thereby increasing the security of our SSH connections - a crucial factor in the current digital landscape.

Recognizing the importance of such a feature, I am writing to inquire about the progress of its implementation. Understanding the complexities involved in software development, I am aware that such processes require time and resources. Nevertheless, I believe this functionality would significantly enhance the usability of Enpass and provide a more secure and streamlined experience for your users.

I appreciate your time in reading and considering my request. Any updates you can provide on this matter would be greatly appreciated.

Thank you for your continued dedication to improving and maintaining the high standards of Enpass.

Edited by Warren
  • 6 months later...
  • 5 months later...
Warren Newbie

Warren

Posted
Posted

 

On 6/13/2022 at 8:02 PM, Gulshan Dogra said:

Hi @stanwu,

Welcome to the Enpass community.

I have duly noted your feedback and it has been forwarded to our concerned team for further consideration.

#SI-1081

Have there been any updates? @Gulshan Dogra

  • 2 weeks later...
  • 7 months later...
Warren Newbie

Warren

Posted
Posted
On 5/30/2024 at 3:23 PM, Amandeep Kumar said:

our development team has accepted your feature request and has begun working on it. Adding a new feature may take some time, but rest assured, we'll keep you updated on the progress. 

@Amandeep Kumar

@Gulshan Dogra It's 2025 now, and this feature was requested about six years ago. What's the status of this feature? When will it be released?

  • 8 months later...
syriusz Apprentice

syriusz

Posted
Posted (edited)

I am (was) a big fan of Enpass since the very beginning (I created my account before subscription model) and it's really sad to see that Enpass development team slowed down significantly and seems to be unresponsive to the user's requests.

This SSH support feature request was submitted 6 years ago and still not implemented.

Another important request - FIDO2 support - was submitted 4 years ago - unfortunately the same result:

https://discussion.enpass.io/index.php?/topic/27596-usb-security-key-fido2-support/page/2/#comment-92034

Today I discovered that Bitwarden can be self-hosted (aka Vaultwarden) and it has all that features: excellent SSH support, FIDO2 keys support etc.
It's a bit more effort to self-host Vaultwarden server, but that was the last advantage of Enpass - you own your data offline and you decide how to backup them.

Is it time to say goodbye to Enpass then...? (I still hope not...)

Edited by syriusz
Amandeep Kumar Proficient

Amandeep Kumar

Posted
Posted

Thank you for being a long-time Enpass user and for sharing your honest feedback. We truly appreciate your continued support since the early days.

We understand your frustration regarding the delay in implementing features like SSH and FIDO2 support. Please rest assured that your feedback has been shared with our Product and Development Teams. Both features are on our internal roadmap, and we’re actively evaluating how to bring them to Enpass in a secure and seamless way.

We genuinely value your trust and patience as we continue to improve Enpass. Our goal remains to provide a secure, privacy-focused, and offline-first password manager.

Thank you once again for your loyalty and valuable input.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...