search

keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/
Other
20.61k stars 1.43k forks source link

SSH agent: option in application settings to remove all keys on closing keepassxc #10811

Open tzeumer opened 3 months ago

tzeumer commented 3 months ago

Summary

Currently, one has three options to remove a SSH key. Either manually selecting "Remove from agent" (for each key) or by a timeout or by using the option "Remove key from agent when database is closed/locked".

It'd be great if that last option could be made into two distinct options:

  1. "Remove key from agent when database is locked"
  2. "Remove key from agent when database is closed"

Context

For me, it's a good balance between security and convenience to keep the keys loaded while KeePassXC is running—locked or unlocked. But it feels counterintuitive that this is still the case when I close the program. Or that I would have to remember to remove them (all) manually before closing the app.

droidmonkey commented 3 months ago

From our perspective, there is no difference between closed and locked. We should just remove the "closed" wording in there.

It would make sense at the application level, however, to have an option in the overall ssh agent to remove all keys on closing keepassxc itself.

tzeumer commented 3 months ago

It would make sense at the application level, however, to have an option in the overall ssh agent to remove all keys on closing keepassxc itself.

Sorry, I described the issue badly. But that's exactly what I meant. Thank you for considering it.