ssh-agent stopped working

Support ID number:
→ LTY-31416-387

Will do 👍 Thanks!

Hi chris79s:

The best bet here would be us taking a closer look at your specific setup.I'd like to ask you to create a diagnostics report from your Mac:

Sending Diagnostics Reports (Mac)

Attach the diagnostics to an email message addressed to support+forum@1password.com.

With your email please include:

• A link to this thread: https://1password.community/discussion/130082/ssh-agent-stopped-working#latest
• Your forum username: chris79s

You should receive an automated reply from our BitBot assistant with a Support ID number.  Please post that number here.  Thanks very much!

ravron:

I'm still digging into this on my end, I'll be sure to circle back when I know more. Thanks!

Jack

New MacBook Pro M2

• 1Password for Mac 8.10.0 (81000055) (on PRODUCTION channel) (via homebrew)
• macOS 13.2.1 22D68 arm64
• normal, stock Terminal.app

Time Machine restore from an Intel MBPro


$ ssh-add -l
The agent has no identities.



$ ssh -vT git@github.com
[…]
debug1: Will attempt key: ED25519 SHA256:S5[…]8M agent
[…]
debug1: Offering public key: ED25519 SHA256:S5[…]8M agent
[…]
debug1: No more authentication methods to try.
git@github.com: Permission denied (publickey).


ED25519 SHA256:S5[…]8M key is the correct key

1. Complete un-install → reboot → re-install is of no use (yes, all files in ~/Library)
2. Moved all ssh keys out of and back into "Personal" vault (in personal account)

I've spent hours on this today…

Still not working 😕 going to bed

It looks like version 8.10.0 has adjusted the behavior. The release notes say:

The SSH agent will now show an “Unknown app” auth prompt for apps that aren’t supported instead of rejecting the request.

Sure enough, I'm no longer seeing failures when I run my test script. Instead, 1P requests my fingerprint significantly more often. The first time I try to sign a commit in a new shell, the prompt is exactly as before:

But on later commit signatures, when I believe it would have failed prior to version 8.10.0, it now says that "op-ssh-sign" is requesting to do the signature:

This suggests that 1P is still frequently (but not always!) unable to identify the requesting app, but is falling back rather than failing entirely as it would before 8.10.0. This is still a better experience than having >50% of my SSH key operations fail, but it does mean I have to authenticate way too often. Unfortunately, now that the SSH operations don't fail entirely, running test scripts to keep trying to track down the issue is marginally more annoying.

I'm not sure if you all do this sort of thing, but feel free to contact me privately if an engineer over there would be willing to investigate this live with me.

Okay, found workaround; seems that something in a recent beta changed for the SSH agent somewhat significantly; different UI elements from the previous versions as well. Shut system down, restarted, still had error, but, found that for some reason the update disabled my Apple Watch, so, the error about refusing operation was really about not having a biometric device connected (looked in Console logs).

1P was working fine on my MacPro until a recent restart, which also installed a new Beta of 1Password (not Ventura).
sign_and_send_pubkey: signing failed for ED25519 "whatever" from agent: agent refused operation

Using:
1Password for Mac 8.10.0 (81000032)

I'm being forced onto "Nightly" version, for whatever reason (not by choice, tried Production, rebooting, etc, but, I keep being forced into Nightly).

Tried with Apple Terminal, as well as Warp terminal. Prefer Warp.

Worked this morning, now all ssh is broken for authentication whilst I undo the use of 1P.

Thanks folks!

Same. :)

[#KIL-32375-262]

Done, the support ID is [#MWS-48134-783]. Thank you!