SSH not working Agent Refused

richbai90

I am trying to integrate 1password into my SSH workflow but am getting the following error when I try to do a git pull

sign_and_send_pubkey: signing failed for RSA "Laptop Default" from agent: agent refused operation
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

The flow works like this:

1. XSession starts
2. xmonad is launched
3. xmonad spawns a startup script to perform setup
4. Startup script launches 1Password in silent and debug mode: 1password --silent --debug &
5. At this point the log indicates everything is working correctly:

INFO  2022-05-21T12:29:32.959 ThreadId(18) [client:typescript] Client starting.
INFO  2022-05-21T12:29:33.027 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging/op-native-core-integration/src/lib.rs:281] Starting IPC listener on 1Password-BrowserSupport
INFO  2022-05-21T12:29:33.028 ThreadId(18) [1P:op-localization/src/lib.rs:228] system locale detected as 'en_US'
INFO  2022-05-21T12:29:33.028 ThreadId(18) [1P:op-localization/src/lib.rs:254] selected translations for EN_US based on detected locale en-US
INFO  2022-05-21T12:29:33.028 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging/op-native-core-integration/src/lib.rs:293] Active native core integration is awaiting messages
INFO  2022-05-21T12:29:33.028 ThreadId(18) [status:op-app/src/app.rs:325] App::new(1Password for Linux/80800094 (EN_US), /home/$USER/.config/1Password/1password.sqlite)
INFO  2022-05-21T12:29:33.029 ThreadId(18) [1P:op-db/src/db.rs:120] Starting DB at version: 24
INFO  2022-05-21T12:29:33.030 ThreadId(18) [1P:ssh/op-ssh-config/src/lib.rs:229] agent configured
ERROR 2022-05-21T12:29:33.031 ThreadId(18) [1P:ffi/core-node/src/lib.rs:65] Attempted to notify uninitialized App
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome-beta/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome-unstable/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/chromium/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/microsoft-edge-dev/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.032 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/BraveSoftware/Brave-Browser/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.033 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/vivaldi/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.033 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/vivaldi-snapshot/NativeMessagingHosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.033 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.mozilla/native-messaging-hosts/com.1password.1password.json
INFO  2022-05-21T12:29:33.033 op_executor:invocation_loop(ThreadId(23)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:83] Successfully installed all native messaging manifests.
INFO  2022-05-21T12:29:33.033 tokio-runtime-worker(ThreadId(1)) [1P:ssh/op-agent-controller/src/desktop.rs:311] SSH Agent has started.

5. Go to a local git repo and do a pull.
6. 1Password GUI launches and prompts for login.
7. After login I get the following error:

sign_and_send_pubkey: signing failed for RSA "Laptop Default" from agent: agent refused operation
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

8. The log now reads:

INFO  2022-05-21T12:44:17.983 tokio-runtime-worker(ThreadId(13)) [1P:foundation/op-sys-info/src/process_information/linux.rs:356] no GUI info available to determine top level parent
INFO  2022-05-21T12:44:17.988 tokio-runtime-worker(ThreadId(3)) [1P:ssh/op-ssh-agent/src/lib.rs:381] Session was not authorized
INFO  2022-05-21T12:44:18.189 tokio-runtime-worker(ThreadId(13)) [1P:op-app/src/app/backend/unlock.rs:238] System unlock was attempted but we cannot use it.
INFO  2022-05-21T12:44:18.192 tokio-runtime-worker(ThreadId(3)) [1P:op-app/src/app/backend/unlock.rs:238] System unlock was attempted but we cannot use it.
INFO  2022-05-21T12:44:41.205 tokio-runtime-worker(ThreadId(1)) [1P:op-data-layer/src/load.rs:136] loaded 2110 items in 4 vaults for account: SS44EEDLNRDQHBPQ5EE6RKML24
INFO  2022-05-21T12:44:41.214 op_executor:invocation_loop(ThreadId(23)) [1P:op-app/src/app/backend/unlock.rs:83] Lock state changed: Unlocked
INFO  2022-05-21T12:44:41.227 op_executor:invocation_loop(ThreadId(23)) [1P:op-app/src/app/backend/frontend.rs:24] Front end event: window closed
INFO  2022-05-21T12:44:42.359 tokio-runtime-worker(ThreadId(3)) [1P:op-syncer/src/sync_job.rs:285] synced account SS44EEDLNRDQHBPQ5EE6RKML24 (0.103258654s)
INFO  2022-05-21T12:44:42.359 tokio-runtime-worker(ThreadId(3)) [1P:op-data-layer/src/file.rs:597] find_and_complete_pending_uploads: 'SS44EEDLNRDQHBPQ5EE6RKML24'
INFO  2022-05-21T12:44:42.614 tokio-runtime-worker(ThreadId(1)) [1P:op-data-layer/src/sync.rs:529] The B5 Notifier for (SS44EEDLNRDQHBPQ5EE6RKML24) has connected, now monitoring for events.

9. Try a git pull again and same error occurs. The log reads:

INFO  2022-05-21T12:48:06.142 tokio-runtime-worker(ThreadId(3)) [1P:foundation/op-sys-info/src/process_information/linux.rs:356] no GUI info available to determine top level parent
INFO  2022-05-21T12:48:06.163 tokio-runtime-worker(ThreadId(2)) [1P:ssh/op-ssh-agent/src/lib.rs:381] Session was not authorized

I've attached the complete log file for examination also.

floris_1P

What Linux distro and version are you on? On Linux, it is currently required to have system authentication available and enabled in 1Password. Can you confirm that that's the case?