KeeAgent, VS-Code and Linux
You can use KeeAgent to open VS Code in your Linux Server with an SSH Key stored in KeePass, seemlessly. Let's start by explaining some of those terms.
- VS Code is an editor by Microsoft. Architectually it's split into a front-end and back-end (VS Code Server) which means the front-end can run on your Windows machine, but the back-end can run on your server in the cloud.
- By Linux Server I mean any box really that allows SSH login (given that now includes Windows 🤷) and a supported CPU (no Raspberry PI Zero 😢).
- KeePass is a local Password Manager that stores username and passwords for us.
- KeeAgent is a plugin for KeePass. It'll act as a SSH authentication agent for us.
Let's start with an empty KeePass instance. I'm using Windows Sandbox for all of this to keep things barebones.
Install OpenSSH Client
Ensure the optional feautre of "OpenSSH Client" is available with the command Add-WindowsCapability -Online -Name OpenSSH.Client
. When you run ssh
in Powershell you should see the following.
Download KeePass
KeePass can be downloaded from here. KeePass acts as a database for all your username and passwords.
Download KeeAgent
KeeAgent is a plugin for KeePass that adds SSH public-key support. It can be downloaded from the Website linked here. To install it, you copy the KeeAgent.plgx
file into the KeePass Plugins directory.
Create a new KeePass Database
Run the KeePass exe, then use File -> New...
to create a new DB if you haven't before.
Add the SSH Entry to KeePass
Use Entry -> Add Entry...
to add a new Entry. Set the Title to the address of your server, the Username to the username you use to login to your SSH server and the url to ssh://{TITLE}
.
Now go to Advanced and use the Attach
button to add an attachment to the Entry. You want to attach your private key that you use to authenticate with your SSH Server. This can be either a PEM or a PPK file.
Then go further across to the KeeAgent
tab and check Allow KeeAgent to use this entry
. KeeAgent offers a collection of helpful things here, including the PublicKey in the format you'll need to add to authorized_keys
on the server if that's not done already.
Enable KeeAgents Auth service
Go to Tools -> Options
within KeePass and go to the KeeAgent
tab. Check the option Enable agnet for Windows OpenSSH (experimental)
.
And now restart KeePass.
If you see the error above, you might need to stop the "OpenSSH Authentication Agent" service. As shown below:
Install VS Code
You can download VS Code from here.
Install the "Remote - SSH" extension
Add a new SSH Host
Use Ctrl-Shift-P
to open the Command Palette and then run the command Remote-SSH: Add New SSH Host...
, then add a target SSH address, in our case it's tom@20.68.192.87
which was an Azure Host I spun up to demo this.
Hit enter and save the entry to any option you like. You should see a box appear, click Connect or use the Command Palette to run the command Remote-SSH: Connect Current Window to Host...
and select the host you just added.
You might see the following option, select as appropriate.
Then you'll see the following:
Whenever the KeeAgent is asked to authenticate something you'll see a notification. If the process completes sucessfully, you'll see in your Files tab that you can now open remote folders.
Open a remote directory and you'll see yourself now with a VS Code instance within your remote server.
From here you have a collection of interesting tools to try out. By clicking the No Ports Available
message at the bottom you can see how you can forward ports (meaning that your local ports are routed to the remote), letting you access services running on the remote.
For example, the above is where I've installed Docker and spun up a hashicorp/http-echo
image on the remote-server and forwarded the port locally which you can see in the browser.