Working in VSC with 1p-SSH keys / Unlock 1p many times a day

dmacxdmacx
Community Member
edited May 3 in SSH

I love to have SSH keys stored in 1password and not on the local disc any more. This makes my keys more "mobile".

But now with my setup on my daily basis I really have to often unlock 1password (with the fingerprint) within Visual Studio Code. When I leve the Mac and come back later, I have to unlock it again. And again. And again.'

In know: This is security basis of 1password. But with the comfort of have the SSH keys with me, I lost the comfort while using VSC. Is it possible to grand access for a session within VSC?


1Password Version: 8.6.0
Extension Version: 2.3.0
OS Version: maxOS 12.2.1

Comments

  • XIIIXIII
    Community Member

    I also ran into this, but I use SSH within VS Code so infrequently that I decide to disable/remove the remote/SSH plugin…

    (Might revert that if 1Password has a better solution)

  • smithjsmithj
    Community Member

    This is something I was going to raise as well, I understand the security implications so it would be good to perhaps have a configurable amount of time. At least have the SSH Agent follow the same logic as Auto-lock from the settings.

    With my previous setup my keys would get unlocked by passphrase each login and that was it, whereby now I have having to pass biometric auth quite frequently. Windows Hello is good, but it isn't that good and it's slowing me down.

  • whitwwhitw
    Community Member
    edited March 1

    This is always a solution (depends on your own threat-tolerance):

    [manjaro ~]# cat /etc/polkit-1/rules.d/10-ssh.rules
    
    /* Allow users in UPDATE_WITH_YOUR_USER_GROUP group to use 1Password SSH agent without authentication */
    polkit.addRule(function(action, subject) {
        if (action.id == "com.1password.1Password.authorizeSshAgent" &&
            subject.isInGroup("UPDATE_WITH_YOUR_USER_GROUP")) {
            return polkit.Result.YES;
        }
    });
    
  • lm4cclm4cc
    Community Member

    I also have this problem with IntelliJ IDEA, which does git fetch in the background quite frequently. I want to only authorize the program once per session, not every time it needs a key!

  • BeardedPrinceBeardedPrince
    Community Member

    Same issue here. I don't have the remote/SSH plugin installed.

  • rodneytrodneyt
    Community Member

    I haven't been able to get 1password ssh to work with Visual Studio remote servers at all. Regardless of how I configure ssh config VS still prompts me via in-app dialog for SSH password. Can someone walk me through how to get Visual Studio to connect to a remote development server using 1password?

  • vdhpietervdhpieter
    Community Member

    Running into the same issue with git fetch. Did anybody found a solution?

  • daanldaanl
    Community Member

    I am having the same issue, which is actually a bit weird as the docs mention: "After approving, you can continue using the same SSH key from the same terminal window, IDE, or Git client without being prompted again, until 1Password locks.", which doesn't seem to be the case for me when using VS Code.

  • daanldaanl
    Community Member

    I contacted 1Password support (their response), and for me it was fixed by updating Git.

  • Marton.Soos_1PMarton.Soos_1P

    Team Member

    Over the past couple of weeks we've made a number of improvements that should reduce the prompting frequency. VSCode and IntelliJ IDEs should work as expected on the latest nightly (you are prompted to authorize the first time the IDE attempts to auto-fetch and subsequent auto-fetch requests do not result in prompts).

    Please let us know if you still encounter issues with the prompting frequency.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file