Pageant Support and winssh-pageant

smithj
smithj
Community Member
edited May 2022 in SSH

I'm really happy to be part of this beta program, currently have native \\.\pipe\openssh-ssh-agent windows supporting apps working. But this leaves quite a big gap in functionality on Windows.

I have been using winssh-pageant (https://github.com/ndbeals/winssh-pageant) as a translation layer between the Windows OpenSSH Agent and my Pageant supporting apps for 6 months with great success.

Now with 1password taking ownership of the ssh-agent pipe, if I access any application that uses the Pageant protocol the application freezes and the 1password.exe process goes to 100% single cpu core utilisation.

The 1p process stays at 100% until I quit and restart 1password.

Please advise if this setup is feasible and if there are any debugging details I can take to assist and if Pageant support is on the roadmap.

1Password Version: 8.6.0 (80600026 BETA)
Extension Version: 2.3.0 (BETA)
OS Version: Windows 11

Comments

  • smithj
    smithj
    Community Member

    Some further details,

    Running the code for winssh-pageant directly (or running the compiled binary directly) works as expected. E.g. open PuTTY, ssh to host, enter username, 1password pops up.

    When running winssh-pageant via the authors recommended way (as a Scheduled Task set to run at Log On), it exhibits the behaviour I orginally posted. I suspect this may be connected to the owning process. This method has the ownership chain of winssh-pageant.exe -> svchost.exe (task scheduler) -> services.exe -> wininit.exe

    Running directly links back to the root explorer.exe process (under the same tree as 1password.exe is operating).

    Hope that helps. Outside of git usage, ssh key usage via PuTTY is my primary use case.

  • floris_1P
    floris_1P

    Thanks for digging into this! We will investigate and get back to you.

  • Lucent
    Lucent
    Community Member

    As a longer-term solution, it appears better support for OpenSSH is coming to Pageant which will hopefully pave the way for it to work with 1Password's agent. If you're a WinSCP user, this bug may be worth voting on, too.

  • smithj
    smithj
    Community Member

    Hi Lucent, with the change to pageant does that mean that it will be the "proxy" to the win ssh pipe (like winssh-pageant is) or is it suggesting that the windows ssh.exe program will be able to source it's keys through pageant?

    My initial reading suggests this feature will allow "native" ssh to use pageant, where-as i want "pageant" things to access native ssh keys. Please correct me if I have misunderstood Simon's git commit message.

  • floris_1P
    floris_1P

    We've made some improvements which should fix this issue as well. It'll be available in the next beta update, but if you want to try it now already, you can switch to the Nightly release channel from the 1Password 8 preferences: . Let me know if that fixes the issue.

  • smithj
    smithj
    Community Member

    AMAZING!!!!!

    It works, a massive thank-you to the 1password dev team.

  • floris_1P
    floris_1P

    @smithj Out of curiosity, are you using winssh-pageant with the --no-pageant-pipe flag or over the pipe?

  • smithj
    smithj
    Community Member

    No, just running the exe via Task Scheduler at login with no flags.

  • ndbeals
    ndbeals
    Community Member

    Hello, I am the developer of winssh-pageant. I was made aware of this post from users who are experiencing similar problems and opened an issue on the repository: https://github.com/ndbeals/winssh-pageant/issues/15

    @smithj my first suggestion is to update winssh-pageant. There were fixes to how the key is translated in the code between v1.2 and now.

    I also have suspicions that the Task Scheduler autostart and process ownership may indeed cause issues as well. The recommended way (now) to autostart it is through the Start Menu autorun folder. Detailed in the README here..

    The latest versions now have an MSI installer, which properly creates the autorun entry too. I recommend deleting your current winssh-pageant.exe and the Task Scheduler autostart and re-installing using the MSI: https://github.com/ndbeals/winssh-pageant/releases/tag/v2.1

    So far, I have been unable to replicate these problems.

    @floris_1P If you know anything that may be helpful to me in getting to the bottom of this, it'd be much appreciated!

  • ndbeals
    ndbeals
    Community Member

    I've discovered the specific cause of the issue https://github.com/ndbeals/winssh-pageant/issues/15#issuecomment-1096899806 and have implemented a fix, just waiting for the user to test it, then I'll push a new release.

    I'm not sure if it's the same issue anyone here is facing, please open a new issue if you're still facing a problem after v2.2 releases.

  • floris_1P
    floris_1P

    Hey @ndbeals, thanks for stopping by! I think the issue that @smithj was facing was already resolved.

  • smithj
    smithj
    Community Member

    @ndbeals - I have updated and the update is awesome. Thank you for your contribution to Open Source software, your utility made a big difference to my workflow.

This discussion has been closed.