Can we have an option to allow the deprecated and insecure ssh-rsa signing?

PurplProtoPurplProto
Community Member
in SSH

I've had good success moving my keys over to 1Pass now, but sadly I still cannot move my work SSH key over. This isn't the fault of 1Pass at all, but the fault of none other than Microsoft, surprise surprise...

I can't use any Git interactions with my company's repositories using 1Pass' agent since the remote server only supports RSA/SHA1 (ssh-rsa) signing:

debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-rsa
debug2: ciphers ctos: aes256-cbc,aes192-cbc,aes128-cbc,aes128-ctr,aes256-ctr
debug2: ciphers stoc: aes256-cbc,aes192-cbc,aes128-cbc,aes128-ctr,aes256-ctr
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:

And thus 1Pass will correctly refuse to sign the Git operations. Microsoft, again, unsurprisingly suggests using the insecure option instead of fixing the issue...

Is it possible to have some kind of option to allow RSA/SHA1 signing, may it be hidden or made available in some way, with a warning to go with it?


1Password Version: 8.8.0 (80800093)
Extension Version: 2.3.4
OS Version: Windows 10 Pro (21H2)

Comments

  • floris_1Pfloris_1P

    Team Member

    We're planning to add support for SHA-1 ssh-rsa in the near future. We'll keep you posted here!

  • PurplProtoPurplProto
    Community Member

    Awesome! Thank you guys for making a great product πŸ’œ

  • floris_1Pfloris_1P

    Team Member

    @PurplProto We've added support to the agent for legacy ssh-rsa connections. Available in the latest 1Password beta!

  • PurplProtoPurplProto
    Community Member

    @floris_1P That's awesome news!

    And thanks for remembering to reply as well πŸ˜„

  • PurplProtoPurplProto
    Community Member

    Happy to report it's working well. Thanks again to the 1Pass team πŸ’œ

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file