Working in VSC with 1p-SSH keys / Unlock 1p many times a day
I love to have SSH keys stored in 1password and not on the local disc any more. This makes my keys more "mobile".
But now with my setup on my daily basis I really have to often unlock 1password (with the fingerprint) within Visual Studio Code. When I leve the Mac and come back later, I have to unlock it again. And again. And again.'
In know: This is security basis of 1password. But with the comfort of have the SSH keys with me, I lost the comfort while using VSC. Is it possible to grand access for a session within VSC?
1Password Version: 8.6.0
Extension Version: 2.3.0
OS Version: maxOS 12.2.1
Comments
-
I also ran into this, but I use SSH within VS Code so infrequently that I decide to disable/remove the remote/SSH plugin…
(Might revert that if 1Password has a better solution)
0 -
This is something I was going to raise as well, I understand the security implications so it would be good to perhaps have a configurable amount of time. At least have the SSH Agent follow the same logic as Auto-lock from the settings.
With my previous setup my keys would get unlocked by passphrase each login and that was it, whereby now I have having to pass biometric auth quite frequently. Windows Hello is good, but it isn't that good and it's slowing me down.
0 -
This is always a solution (depends on your own threat-tolerance):
[manjaro ~]# cat /etc/polkit-1/rules.d/10-ssh.rules
/* Allow users in UPDATE_WITH_YOUR_USER_GROUP group to use 1Password SSH agent without authentication */ polkit.addRule(function(action, subject) { if (action.id == "com.1password.1Password.authorizeSshAgent" && subject.isInGroup("UPDATE_WITH_YOUR_USER_GROUP")) { return polkit.Result.YES; } });
0 -
I also have this problem with IntelliJ IDEA, which does
git fetch
in the background quite frequently. I want to only authorize the program once per session, not every time it needs a key!0 -
Same issue here. I don't have the remote/SSH plugin installed.
0 -
I haven't been able to get 1password ssh to work with Visual Studio remote servers at all. Regardless of how I configure ssh config VS still prompts me via in-app dialog for SSH password. Can someone walk me through how to get Visual Studio to connect to a remote development server using 1password?
0 -
Running into the same issue with git fetch. Did anybody found a solution?
0 -
I am having the same issue, which is actually a bit weird as the docs mention: "After approving, you can continue using the same SSH key from the same terminal window, IDE, or Git client without being prompted again, until 1Password locks.", which doesn't seem to be the case for me when using VS Code.
0 -
I contacted 1Password support (their response), and for me it was fixed by updating Git.
0 -
Over the past couple of weeks we've made a number of improvements that should reduce the prompting frequency. VSCode and IntelliJ IDEs should work as expected on the latest nightly (you are prompted to authorize the first time the IDE attempts to auto-fetch and subsequent auto-fetch requests do not result in prompts).
Please let us know if you still encounter issues with the prompting frequency.
0 -
Had the same Problem with VS Code bringing up 1P’s auth window every other second. The culprit in my case was git’s "Autofetch" that was set to "true". I’ve set it to "false" and the problem was gone.
0 -
We're now suppressing SSH prompts from apps that run in the background to avoid unexpected prompts. This makes Git autofetch a more attractive option again.
1