Could not open a connection to your authentication agent.

Open iirekm opened this issue 6 months ago • 4 comments

Steps To Reproduce

The tutorial at https://bitwarden.com/help/ssh-agent/#tab-desktop-3PjpTaCCPSpz3hcsQ5sznu doesn't work, at least on Windows 11. I followed the instructions there precisely, and when I run ssh-add -L I get "Could not open a connection to your authentication agent." Tried both ssh-add under WSL and under Git/MSYS - same result.

Shouldn't Windows users set SSH_AUTH_SOCK just like Mac/Linux users do??? How is ssh-add supposed to detect the agent???

Expected Result

ssh-add -L should give a different result

Actual Result

Could not open a connection to your authentication agent.

Screenshots or Videos

No response

Additional Context

No response

Operating System

Windows

Operating System Version

11 Pro

Installation method

Microsoft Store

Build Version

2025.5.1

Issue Tracking Info

  • [x] I understand that work is tracked outside of GitHub. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

iirekm avatar Jun 10 '25 16:06 iirekm

Thank you for reporting this issue! We've added this to our internal tracking system. ID: PM-22567

bitwarden-bot avatar Jun 10 '25 16:06 bitwarden-bot

Figured it out:

#!/bin/bash

set -xe

export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock"
ALREADY_RUNNING=$(ps -auxww | grep -q "[n]piperelay.exe -ei -s //./pipe/openssh-ssh-agent"; echo $?)
if [[ $ALREADY_RUNNING != "0" ]]; then
    if [[ -S $SSH_AUTH_SOCK ]]; then
        # not expecting the socket to exist as the forwarding command isn't running (http://www.tldp.org/LDP/abs/html/fto.html)
        echo "removing previous socket..."
        rm "$SSH_AUTH_SOCK"
    fi
    echo "Starting SSH-Agent relay..."
    # setsid to force new session to keep running
    # set socat to listen on $SSH_AUTH_SOCK and forward to npiperelay which then forwards to openssh-ssh-agent on windows
    (setsid socat UNIX-LISTEN:"$SSH_AUTH_SOCK",fork EXEC:"npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork &) >/dev/null 2>&1
fi
fi

Based on: https://gist.github.com/WillianTomaz/a972f544cc201d3fbc8cd1f6aeccef51?permalink_comment_id=4742995

Anyway, it would be good to include this in the docs. Developers and sysadmins prefer to use WSL CLI tools, not the ones built into Windows.

iirekm avatar Jun 10 '25 16:06 iirekm
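
A diagnostic for the relay socket set up in the comment above, as an added example that is not part of the original thread or Bitwarden's documentation: it reports which step fails when ssh-add under WSL cannot reach the agent, and also checks that the socket is not connectable by other local users. The function name `check_agent_sock` and its status words are hypothetical; GNU `stat` (as found in WSL distributions) is assumed.

```bash
#!/bin/bash
# Added example (not from the thread): report why ssh-add cannot use the relay
# socket. check_agent_sock and its status words are hypothetical names.

check_agent_sock() {
    cas_sock="${1-${SSH_AUTH_SOCK-}}"
    # ssh-add only looks at SSH_AUTH_SOCK; if it is unset there is nothing to find.
    if [ -z "$cas_sock" ]; then echo "unset"; return 1; fi
    if [ ! -e "$cas_sock" ]; then echo "missing"; return 1; fi
    if [ ! -S "$cas_sock" ]; then echo "not-a-socket"; return 1; fi

    # A process that can connect to the socket can send requests to the agent,
    # so the socket must belong to the caller and carry no group/other write bit
    # (connecting to a Unix socket requires write permission on it).
    if [ "$(stat -c %u "$cas_sock")" != "$(id -u)" ]; then
        echo "foreign-owner"; return 1
    fi
    case "$(stat -c %a "$cas_sock")" in
        *[2367]|*[2367]?) echo "too-open"; return 1 ;;
    esac

    command -v ssh-add >/dev/null 2>&1 || { echo "no-ssh-add"; return 1; }
    # ssh-add -l exits 0 with keys, 1 with none, 2 when the agent is unreachable
    # (for example a socket left behind after socat or npiperelay.exe exited).
    cas_rc=0
    SSH_AUTH_SOCK="$cas_sock" ssh-add -l >/dev/null 2>&1 || cas_rc=$?
    case "$cas_rc" in
        0) echo "ok" ;;
        1) echo "ok-no-keys" ;;
        *) echo "stale"; return 1 ;;
    esac
}

# Demo on a constructed path that does not exist; prints "missing".
check_agent_sock "${TMPDIR:-/tmp}/constructed-no-such-agent.sock" || true
```

Called with no argument, the function checks the current `SSH_AUTH_SOCK`; a `stale` result means the socket file exists but nothing is answering behind it.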

Hi there,

This has been escalated for further investigation. If you have more information that can help us, please add it below.

Thanks!

cbw23 avatar Jun 16 '25 22:06 cbw23

I am running the same setup with Windows 11 and primarily use WSL for my work. We've recently converted to using Bitwarden ssh-agent as our way of controlling ssh access throughout the company and our different environments. I've not experienced any issues with using the bitwarden ssh-agent on Windows.

I've used the solution proposed in https://community.bitwarden.com/t/ssh-agent-native-support-for-ssh-agent-in-wsl/83831/5, and just use aliases on WSL to use the Windows ssh binaries. This only works if I invoke ssh directly through the terminal and does not work when I run a script using ssh, as it falls back to the WSL ssh.

I don't know if the solution should be WSL specific, or if bitwarden-cli should be extended to support ssh-agent as well. But I would love to be able to continue using WSL.

chllund avatar Jun 19 '25 10:06 chllund