Error connecting to agent: No such file or directory

rohanb
rohanb
Community Member
in SSH

I just saw the post & beta for SSH + CLI integration and this seems amazing. +1 Cant wait for the final release.

However, I'm unable to get this working at all.

  • I also use a shell called fishshell for what it's worth. (fish, version 3.3.1, but I do not believe this is part of the issue, as I swapped to bash too, and experience the same issue)
  • I have installed OpenSSH (OpenSSH_8.6p1)
  • 1P CLI is on version 2.0.0

I've run both the "configuration" commands per the docs.

I've created the symlink using

mkdir -p ~/.1password && ln -s ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock ~/.1password/agent.sock

...and added the additional line to the ssh config

Host * 
  IdentityAgent "~/.1password/agent.sock"
  IdentitiesOnly yes

I also added the SSH_AUTH_SOCK to my profile, even tried the global config from here

I've check that I have all the requirements.

  • Private vault
  • New Key generated via 1Password
  • Not archived

But when I run

ssh-add -l

I keep getting a response of Error connecting to agent: No such file or directory, and also any github cli interactions refuses to connect, but I believe its all caused by one in the same issue

Any ideas of what I might be missing?

1Password Version: 8.6.0
Extension Version: Not Provided
OS Version: 12.2.1 (21D62)
Referrer: forum-search:ssh

Comments

  • floris_1P
    floris_1P

    Can you share your output of:
    ls -l ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock

  • rohanb
    rohanb
    Community Member

    @floris_1P

    srw-------@ 1 rohbue  1275873306  0 Mar 17 15:11 /Users/rohbue/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock
  • floris_1P
    floris_1P

    And could share the output of: ls -l $SSH_AUTH_SOCK

    And could you try: ssh -o 'IdentitiesOnly=no' -T git@github.com
    If that doesn't work, could you share your output of: ssh -o 'IdentitiesOnly=no' -vT git@github.com

  • rohanb
    rohanb
    Community Member
    edited March 2022

    I did mess around with some additional setting sin my fish_config file and just redid the whole setup from the ground up.

    I updated my fish_config to contain this (previously it was wrapped in quotes)

    set SSH_AUTH_SOCK ~/.1password/agent.sock

    I now receive an error similar to the other questions on here.

    The agent has no identities.

    I did not have a Private named vault. Mine was called Personal. I did however create a new one called Private but that did not seem to help.

    With regards to the above:
    Output of ls -l $SSH_AUTH_SOCK

    lrwxr-xr-x  1 rohbue  1275873306  76 Mar 17 14:08 /Users/rohbue/.1password/agent.sock -> /Users/rohbue/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock

    And Output of ssh -o

    OpenSSH_8.9p1, OpenSSL 1.1.1m  14 Dec 2021
debug1: Reading configuration data /Users/rohbue/.ssh/config
debug1: /Users/rohbue/.ssh/config line 1: Applying options for *
debug1: /Users/rohbue/.ssh/config line 6: Ignored unknown option "usekeychain"
debug1: /Users/rohbue/.ssh/config line 13: Applying options for github.com
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug1: Connecting to github.com <OMITTED> port <OMITTED>.
debug1: Connection established.
debug1: identity file /Users/rohbue/.ssh/id_rsa type -1
debug1: identity file /Users/rohbue/.ssh/id_rsa-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_ecdsa type -1
debug1: identity file /Users/rohbue/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_ecdsa_sk type -1
debug1: identity file /Users/rohbue/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_ed25519 type -1
debug1: identity file /Users/rohbue/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_ed25519_sk type -1
debug1: identity file /Users/rohbue/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_xmss type -1
debug1: identity file /Users/rohbue/.ssh/id_xmss-cert type -1
debug1: identity file /Users/rohbue/.ssh/id_dsa type -1
debug1: identity file /Users/rohbue/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9
debug1: Remote protocol version 2.0, remote software version babeld-4f04c79d
debug1: compat_banner: no match: babeld-4f04c79d
debug1: Authenticating to github.com:22 as 'git'
debug1: load_hostkeys: fopen /Users/rohbue/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 <OMITTED>
debug1: load_hostkeys: fopen /Users/rohbue/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'github.com' is known and matches the ED25519 host key.
debug1: Found key in /Users/rohbue/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: ssh_fetch_identitylist: agent contains no identities
debug1: Will attempt key: /Users/rohbue/.ssh/id_rsa
debug1: Will attempt key: /Users/rohbue/.ssh/id_ecdsa
debug1: Will attempt key: /Users/rohbue/.ssh/id_ecdsa_sk
debug1: Will attempt key: /Users/rohbue/.ssh/id_ed25519
debug1: Will attempt key: /Users/rohbue/.ssh/id_ed25519_sk
debug1: Will attempt key: /Users/rohbue/.ssh/id_xmss
debug1: Will attempt key: /Users/rohbue/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/rohbue/.ssh/id_rsa
debug1: Trying private key: /Users/rohbue/.ssh/id_ecdsa
debug1: Trying private key: /Users/rohbue/.ssh/id_ecdsa_sk
debug1: Trying private key: /Users/rohbue/.ssh/id_ed25519
debug1: Trying private key: /Users/rohbue/.ssh/id_ed25519_sk
debug1: Trying private key: /Users/rohbue/.ssh/id_xmss
debug1: Trying private key: /Users/rohbue/.ssh/id_dsa
debug1: No more authentication methods to try.
git@github.com: Permission denied (publickey).

    Also for what its worth... my .ssh/config not looks like this

    Host * 
  IgnoreUnknown UseKeychain
  IdentitiesOnly yes
  IdentityAgent ~/.1password/agent.sock
  AddKeysToAgent yes
  UseKeychain yes

# other gh alias for another team
Host smg.github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/rohan_smg_generated

# this is the gh im testing against / e.g my private gh acct
Host github.com
  HostName github.com
  User git
  # IdentityFile ~/.ssh/rohan_private_generated
  • rohanb
    rohanb
    Community Member

    Update, not sure if this could be relevant. I also looked in the log files per a comment in another post and saw this error.

    ERROR 2022-03-18T08:19:53.809 ThreadId(17) [1P:ssh/op-ssh-config/src/lib.rs:128] Could not open ssh config file in ~/.ssh/config
ERROR 2022-03-18T08:20:05.570 ThreadId(17) [1P:ssh/op-ssh-config/src/lib.rs:128] Could not open ssh config file in ~/.ssh/config

    And here are the 2 relevant vault's details from op vault get <vault_name>

     ~/.ssh  op vault get Private 
ID:                   <OMITTED>
Name:                 Private
Type:                 USER_CREATED
Attribute version:    1
Content version:      2
Items:                1
Created:              13 hours ago
Updated:              13 hours ago

 ~/.ssh  op vault get Personal
ID:                   <OMITTED>
Name:                 Personal
Type:                 PERSONAL
Attribute version:    1
Content version:      1332
Items:                413
Created:              4 years ago
Updated:              19 hours ago
  • floris_1P
    floris_1P

    Good to hear that the No such file or directory issue got solved! Now you're properly connected to the agent, but the next problem is that the agent doesn't list the keys you've created.

    We just detected a flaw in the docs that creates some confusion about the vault name, see this comment. So could you try moving the keys to your Personal vault and run ssh-add -l or ssh -o 'IdentitiesOnly=no' -T git@github.com again?

  • rohanb
    rohanb
    Community Member

    No success, unfortunately. (With the Keys in the Personal Vault)

     ~/.ssh  ssh-add -l 
The agent has no identities

 ~/.ssh  ssh -o 'IdentitiesOnly=no' -T git@github.com 
git@github.com: Permission denied (publickey).
  • floris_1P
    floris_1P

    Could you share the output of: sqlite3 ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/1password.sqlite 'select count(*) from objects where type = 3'

  • rohanb
    rohanb
    Community Member

    Its 0

  • floris_1P
    floris_1P

    Hmm, could you turn the agent off and on the 1Password settings and see if there's anything in the logs?

  • rohanb
    rohanb
    Community Member

    I assume you meant the SSH agent. So I did toggle that.

    1. I cleared the logs (made a backup first)
    2. Toggled both SSH + CLI

    There are 2 errors below: (included the into logs too fwiw)

    INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/lib.rs:299] Setting has been toggled on/off, restarting native core integration
INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/lib.rs:281] Starting IPC listener on 2BUA8C4S2C.com.1password.browser-helper
INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:op-ipc/src/ipc/xpc.rs:155] XPC starting connection


ERROR 2022-03-18T12:49:49.843 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/connection_handler.rs:37] Dropping connection with b5x due to error handling outgoing message: EndConnection


INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:op-ipc/src/ipc/xpc.rs:197] XPC connected to 2BUA8C4S2C.com.1password.browser-helper
INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:293] Active native core integration is awaiting messages
INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:305] Extension connecting.
INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:307] Extension connection accepted.
INFO  2022-03-18T12:49:58.267 tokio-runtime-worker(ThreadId(6)) [1P:ssh/op-agent-controller/src/desktop.rs:285] SSH Agent has started.
INFO  2022-03-18T12:50:00.319 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:448] Enabling BrowserHelper with bundle id: 2BUA8C4S2C.com.1password.browser-helper
INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:299] Setting has been toggled on/off, restarting native core integration
INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:281] Starting IPC listener on 2BUA8C4S2C.com.1password.browser-helper
INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:op-ipc/src/ipc/xpc.rs:155] XPC starting connection


ERROR 2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/connection_handler.rs:37] Dropping connection with b5x due to error handling outgoing message: EndConnection


INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:op-ipc/src/ipc/xpc.rs:197] XPC connected to 2BUA8C4S2C.com.1password.browser-helper
INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:293] Active native core integration is awaiting messages
INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:305] Extension connecting.
INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:307] Extension connection accepted.
  • floris_1P
    floris_1P

    And another question, just to verify: when you moved the keys to your Personal vault, was that on the same machine where you're running the SSH agent on? Because for the SSH agent to sync your change, it needs to be unlocked once first.

  • rohanb
    rohanb
    Community Member
    edited March 2022

    All of this is on my local dev machine. 1P + SSH etc
    I mean... I could try physically restarting it... Which I haven't actually thought of doing yet 😂

    [Update]
    My Mac & 1Password has been Restarted & unlocked. No luck.

  • rohanb
    rohanb
    Community Member

    And I think in all of the moving backwards & forwards I might have not put the ssh keys in the right vault.

    I did verify it again now, and they keys are in the right vault. (I have 2 SSH keys... But I see that also causes an issue, because I don't know how to specify with 1Password to use which hey for which gh account, so for now, I'm just using the one)

    I have 2 MacBooks, a personal one, and one for work.

    My personal machine:

    • Worked fine. Did the upgrade to 1Password 8 (App + Browser Plugin).
    • SSH sees my keys + I can login to github

    Work machine:

     ~/.ssh  ssh-add -l 
# finally returns the key that is inside the vault! 🥳

 ~/.ssh  ssh -T git@github.com
# fails

 ~/.ssh  ssh -o 'IdentitiesOnly=no' -T git@github.com 
# succeeds! 🥳

    I then removed the IdentiesOnly flag from my .ssh/config and I can now login to gh using the SSH key stored in 1 Password.

    This is probably a question for another thread.

    But is there a way to specify which key to use for which gh repo?

    Host * 
  IgnoreUnknown UseKeychain
  AddKeysToAgent yes
  UseKeychain yes
  IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

Host smg.github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/rohan_smg_generated. # I would like to move this to 1Password too

Host github.com
  HostName github.com
  User git
  • rohanb
    rohanb
    Community Member

    And solved it! 🥳

    Use this match key with host setup

  • floris_1P
    floris_1P

    Glad you got it working! The docs have been updated now to mention both the Private and Personal vault.

This discussion has been closed.