"Host * IdentityAgent" required to connect to SFTP and "Host customname IdentityAgent" not working

petebocken
petebocken
Community Member
in SSH

I'm connecting SFTP with Transmit to a SiteGround server. I can connect just fine if I have Host * IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock added to my ssh config.

However, if I remove that line and add it instead directly to my Host name, I cannot connect via SFTP. I receive error "Credentials were not accepted by the server." in Transmit.

So my Host entry is:

Host customname
    HostName domain.com
    Port 18765
    User username
    IdentityFile ~/.ssh/hostname.pub
    IdentitiesOnly yes
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

It would make sense that the Host * is being used for all entries in my config file and removing it and adding it directly to this one entry should make no difference, correct?

1Password Version: 8.7.0
Extension Version: Not Provided
OS Version: macOS 12.3

Comments

  • floris_1P
    floris_1P

    Unlike most other SSH clients, Transmit currently does not support setting public keys as IdentityFile unfortunately, so you'll have to remove IdentityFile and IdentitiesOnly. It does support reading the IdentityAgent from either a specific host or from Host *.

  • petebocken
    petebocken
    Community Member

    OK, I removed IdentityFile and IdentitiesOnly from the specific host entry in config and it still won't connect in Transmit:

    Host customname
    HostName domain.com
    Port 18765
    User username
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

    It still only works if I have the IdentityAgent set on Host *. But I can't use that because then it breaks SSH and SFTP with my aforementioned issue with DigitalOcean and SSH server six-key limit.

    So it appears that Transmit needs Host * in order for 1P ssh-agent to work, but only for some hosts. My config entries are the same HostName that I am using in Transmit, so I would figure it would see them just fine, correct?

    I think I'll have to abandon 1P SSH Keys completely for now. I can't figure out the correct combination of ssh config, which public and/or private keys need to be downloaded and/or loaded in Transmit. It's very possible everything would work fine if I used something else besides Transmit, but I'm not willing to give that up.

  • floris_1P
    floris_1P

    How are you configuring it in Transmit? This works for me:

    Host customname
    HostName domain.com
    Port 18765
    User username
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

    So in Transmit I only provide the alias and leaving the rest with default settings.
    (I'm on Transmit 5.8.4)

  • petebocken
    petebocken
    Community Member

    OK, doing it this way seems to work. I still have some issues with a couple SiteGround and InMotion servers for some reason. But I think it's something outside of 1Password. I'll let you know.

  • floris_1P
    floris_1P

    Good to hear that you got it working well now with Transmit! For the SiteGround and InMotion servers, it might be the same problem as described here.

  • s3n
    s3n
    Community Member
    edited August 2022

    For me the issue was the same when I used SFTP with password auth.
    Adding IdentitiesOnly yes for these hosts before the Host * is what worked for me.
    So e.g:

    Host *.netcup.net
    IdentitiesOnly yes
    Host ssh.strato.de
    IdentitiesOnly yes
    Host *.your-server.de
    IdentitiesOnly yes
    Host *.1and1-data.host
    IdentitiesOnly yes

    Host *
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

    (can't format as code, as the content is not visible then)

This discussion has been closed.