ssh-copy-id functionality

LachyLachy
Community Member
edited May 3 in SSH

Without the private key files in ~/.ssh/, it's less convenient to use ssh-copy-id to put public keys onto servers. It would be useful if 1Password provided an easy solution for this, perhaps UI built into 1Password itself or some kind of integration with or replacement for ssh-copy-id so that it can read the private keys from 1Password.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

Comments

  • alexclstalexclst Junior Member
    Community Member

    This could be something added to the 1Password CLI perhaps? Like an op copy-ssh-public-key command or something.

  • dcoghlandcoghlan
    Community Member

    +1 for this

  • illutronillutron
    Community Member

    +1

  • dcoghlandcoghlan
    Community Member

    +1 for this

  • K.J._1PK.J._1P

    Team Member
    edited March 14

    Hello! I have no used ssh-copy-id, but from the docs it should use ssh-add -L to look for keys in the agent:

    Otherwise, if this: ssh-add -L provides any output, it uses that in preference to the identity file.

    SSH for 1Password 8 supports ssh-add -L, however, at least on my machine, it won't read an IdentityAgent from ~/.ssh/config and requires the SSH_AUTH_SOCK environment variable set.

    SSH_AUTH_SOCK="$HOME/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh-add -L
    

    I tested ssh-copy-id locally with the environment variable and it was able to successfully add a new key.

    Are you able to test this environment variable with ssh-copy-id? Thanks!

  • GreSuhGreSuh
    Community Member

    Hi,
    these paths with spaces are a little tricky. Maybe the socket should be created in a more common location.
    Nevertheless
    export SSH_AUTH_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
    worked for ssh-add.

    And ssh-copy-id also seems to accept this:

    ➜  ~ ssh-copy-id [email protected]                                                            
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 3 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    
  • ktuluktulu
    Community Member

    I got multiple keys now in 1password and ssh-add -l shows them. Now I want to add only one of them via ssh-copy. How would I do that? It should only copy one specific key and not all.

  • kjaleshirekjaleshire
    Community Member

    Unfortunately there's not a way to specify a key except by filename with ssh-copy-id. Since the keys in 1Password are ID'd by name in the comment section, you can list the public keys with ssh-add -L, grep one by ID, and copy that:

    ssh [email protected] "echo $(ssh-add -L | grep "$KEY_ID\$") >> ~/.ssh/authorized_keys"
    

    where $KEY_ID is the name of the SSH key in 1Password.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file