SSH Agent Not Working on macOS 12.4

wavesoundwavesound
Community Member
edited June 18 in SSH

After following this guide: https://developer.1password.com/docs/ssh/get-started , I enabled the SSH Agent on mac0S and I added the agent config to ~/.ssh/config as prescribed in Step 4 and verified that everything was enabled as prescribed in Step 3:

However, I'm not able to authenticate. When I go to SSH, I get the following error:

[email protected] Downloads % ssh [email protected] -L 2244:localhost:2244
sign_and_send_pubkey: signing failed for RSA "id_rsa_key1" from agent: agent refused operation
[email protected]: Permission denied (publickey).

When I run that, I get a prompt to use TouchID and then I get the failure message shown above.

I checked the key and confirmed that its RSA:

[email protected] Downloads % ssh-keygen -l -f id_rsa_key1.key
4096 SHA256:********** no comment (RSA)

I also checked for identities and get nothing:

[email protected] Downloads % ssh-add -l
The agent has no identities

Any idea what I'm doing wrong?


1Password Version: 8.7.1
Extension Version: Not Provided
OS Version: macOS 12.4

Comments

  • wavesoundwavesound
    Community Member

    I should add that in my case. I have two 1Password.com Accounts configured. The SSH key item is in the Private vault of one of the configured accounts. Could this be related to having two 1Password.com accounts?

  • holyjakholyjak
    Community Member

    Similar here. I had it actually working but then somehow the 1password agent stopped working, or rather running git started to request password in the CLI. I think this happened after I enabled biometric authentication for 1Password. I have now restarted my computer but still it does not work and git asks for the password in the CLI.

  • holyjakholyjak
    Community Member

    It is hard to troubleshoot without any troubleshooting instructions from 1Password :'( When I check the agent.sock that 1Passord asked me to add to my ssh config, I see it does not exist:

    ls ~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock
    ls: /Users/me/Library/Group: No such file or directory
    ls: Containers/2BUA8C4S2C.com.1password/t/agent.sock: No such file or directory
    

    I have no idea whether that is a sign of a problem or expected.

  • holyjakholyjak
    Community Member

    Update: I fixed my problem - it stopped working b/c I moved the ssh key into a vault other than Personal or Private. Moving it back fixed the agent.

  • jody.h_1Pjody.h_1P

    Team Member

    @holyjak glad to see you were able to resolve the problem you were having!

    @wavesound I'd like to get a bit more info regarding your setup. Would you be able to submit an SSH diagnostics report as described in this guide?

  • wavesoundwavesound
    Community Member

    Hi @jody.h_1P

    I followed those steps. Upon my SSH connection and 1Password prompted me for Touch ID and then failed. However, no files are being placed in ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/ssh-diagnostics

  • wavesoundwavesound
    Community Member

    @jody.h_1P Any other thoughts?

  • floris_1Pfloris_1P

    Team Member

    @wavesound Do you see anything appear in the 1Password logs when running an SSH command? On macOS: ~/Library/Group Containers/2BUA8C4S2C.com.1password/Library/Application Support/1Password/Data/logs/1Password_rCURRENT.log

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file