SSH agent: option in application settings to remove all keys on closing keepassxc

[tzeumer]

Summary

Currently, one has three options to remove a SSH key. Either manually selecting "Remove from agent" (for each key) or by a timeout or by using the option "Remove key from agent when database is closed/locked".

It'd be great if that last option could be made into two distinct options:

1. "Remove key from agent when database is locked"
2. "Remove key from agent when database is closed"

Context

For me, it's a good balance between security and convenience to keep the keys loaded while KeePassXC is running—locked or unlocked. But it feels counterintuitive that this is still the case when I close the program. Or that I would have to remember to remove them (all) manually before closing the app.

[droidmonkey]

From our perspective, there is no difference between closed and locked. We should just remove the "closed" wording in there.

It would make sense at the application level, however, to have an option in the overall ssh agent to remove all keys on closing keepassxc itself.

[tzeumer]

It would make sense at the application level, however, to have an option in the overall ssh agent to remove all keys on closing keepassxc itself.

Sorry, I described the issue badly. But that's exactly what I meant. Thank you for considering it.