Feature Request: SSH-agent-style credential forwarding for remote Claude Code sessions
Resolved 💬 6 comments Opened Apr 16, 2026 by cghamburg Closed May 25, 2026
Problem
When running Claude Code on a remote server via SSH, credentials (API key or OAuth token) must be stored on the remote filesystem. On shared servers where other users have root access, this is a security concern — root can read tokens from ~/.claude/ or /proc/*/environ.
There is no equivalent to SSH's ssh-agent forwarding, where the secret never leaves the local machine.
Proposed Solution
A local claude-auth-agent daemon (analogous to ssh-agent) that:
- Runs on the local machine, holds the API key / OAuth token in memory
- Exposes a Unix socket (e.g.
CLAUDE_AUTH_SOCK) - The socket is forwarded via
ssh -Rto the remote server - Remote Claude Code talks to the forwarded socket for API authentication
# Local
eval $(claude-auth-agent)
ssh -R /tmp/claude-auth.sock:$CLAUDE_AUTH_SOCK -p 42222 user@server
# Remote — key never touches the server
export CLAUDE_AUTH_SOCK=/tmp/claude-auth.sock
claude
Why
- API keys / OAuth tokens never leave the local machine
- Revocation is instant (kill the local agent)
- Familiar pattern — every developer already knows
ssh-agentforwarding - Shared/multi-tenant servers become safe to use
Related Issues
- #42965 — OAuth broken for remote/headless setups
- #7100 — Headless/remote authentication (auto-closed)
- #44089 — Keychain inaccessible from SSH sessions
- #29717 — SSH_AUTH_SOCK forwarding for 1Password agent
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗