You can use KeeAgent to open VS Code in your Linux Server with an SSH Key stored in KeePass, seemlessly. Let's start by explaining some of those terms.
- VS Code is an editor by Microsoft. Architectually it's split into a front-end and back-end (VS Code Server) which means the front-end can run on your Windows machine, but the back-end can run on your server in the cloud.
- By Linux Server I mean any box really that allows SSH login (given that now includes Windows 🤷) and a supported CPU (no Raspberry PI Zero 😢).
- KeePass is a local Password Manager that stores username and passwords for us.
- KeeAgent is a plugin for KeePass. It'll act as a SSH authentication agent for us.
Let's start with an empty KeePass instance. I'm using Windows Sandbox for all of this to keep things barebones.
Install OpenSSH Client
Ensure the optional feautre of "OpenSSH Client" is available with the command
Add-WindowsCapability -Online -Name OpenSSH.Client. When you run
ssh in Powershell you should see the following.
KeePass can be downloaded from here. KeePass acts as a database for all your username and passwords.
KeeAgent is a plugin for KeePass that adds SSH public-key support. It can be downloaded from the Website linked here. To install it, you copy the
KeeAgent.plgx file into the KeePass Plugins directory.
Create a new KeePass Database
Run the KeePass exe, then use
File -> New... to create a new DB if you haven't before.
Add the SSH Entry to KeePass
Entry -> Add Entry... to add a new Entry. Set the Title to the address of your server, the Username to the username you use to login to your SSH server and the url to
Now go to Advanced and use the
Attach button to add an attachment to the Entry. You want to attach your private key that you use to authenticate with your SSH Server. This can be either a PEM or a PPK file.
Then go further across to the
KeeAgent tab and check
Allow KeeAgent to use this entry. KeeAgent offers a collection of helpful things here, including the PublicKey in the format you'll need to add to
authorized_keys on the server if that's not done already.
Enable KeeAgents Auth service
Tools -> Options within KeePass and go to the
KeeAgent tab. Check the option
Enable agnet for Windows OpenSSH (experimental).
And now restart KeePass.
If you see the error above, you might need to stop the "OpenSSH Authentication Agent" service. As shown below:
Install VS Code
You can download VS Code from here.
Install the "Remote - SSH" extension
Add a new SSH Host
Ctrl-Shift-P to open the Command Palette and then run the command
Remote-SSH: Add New SSH Host..., then add a target SSH address, in our case it's
[email protected] which was an Azure Host I spun up to demo this.
Hit enter and save the entry to any option you like. You should see a box appear, click Connect or use the Command Palette to run the command
Remote-SSH: Connect Current Window to Host... and select the host you just added.
You might see the following option, select as appropriate.
Then you'll see the following:
Whenever the KeeAgent is asked to authenticate something you'll see a notification. If the process completes sucessfully, you'll see in your Files tab that you can now open remote folders.
Open a remote directory and you'll see yourself now with a VS Code instance within your remote server.
From here you have a collection of interesting tools to try out. By clicking the
No Ports Available message at the bottom you can see how you can forward ports (meaning that your local ports are routed to the remote), letting you access services running on the remote.
For example, the above is where I've installed Docker and spun up a
hashicorp/http-echo image on the remote-server and forwarded the port locally which you can see in the browser.