VSC Remote SSH Host With Terminal

zuel
zuel
Community Member

Using Visual Studio Code with the Remote SSH extension initially works with 1Password and I get the auth prompt to open the workspace. When opening a terminal inside VSC and attempting to use git on the remote machine the auth prompt for 1Password opens on the remote machine.

Workaround for now is to VNC into the remote machine to pass the auth prompt but would be nice if somehow could get the prompt on the host machine.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • You can achieve that with agent forwarding. In your local SSH config, add ForwardAgent yes to the host you're connecting to:

    Host your-remote-dev-host
      ForwardAgent yes
    
  • zuel
    zuel
    Community Member

    I tried adding agent forwarding directly to the ssh config (also n.b. vs code ssh extension was already configured to forward) but no difference.

    I should note that both machines have 1password ssh agent setup.

  • Which OS is the remote machine on?

  • zuel
    zuel
    Community Member

    The remote machine is ubuntu 21.04 and the other machine is windows 11 pro 21H2.

  • What's good to note is that IdentityAgent takes precedence over SSH_AUTH_SOCK. That can be a bit inconvenient in an agent forwarding setup when the remote machine has the 1Password agent configured as well.

    To see if agent forwarding works for you, could you try running the following command on the (forwarded) remote machine: ssh -o IdentityAgent="$SSH_AUTH_SOCK" -T git@github.com and see if you then get the Windows Hello prompt?

  • friendly
    friendly
    Community Member
    edited October 2022

    I can't seem to make remote VS Code shell ask for local 1Password key. I connect from my Mac to a Windows 10 Pro GitBash shell.

    Here's my ~/.ssh/config:

    Host *
      IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
      ForwardAgent yes
    

    Here's my ~/.zprofile:

    export SSH_AUTH_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
    

    1Password asks for my fingerprint when I open my remote workspace and connects fine. But then any ssh connections from within the remote shell don't work as if there was no special setup involved. I am not sure how ForwardAgent should work but I don't see any new environment variables inside the remote shell.

    I tried to connect to PowerShell (default shell) manually from iTerm and also get no working IdentityAgent inside the remote.

    What can be wrong? Is it a supported setup?

    P.S. When I try the command on my local machine I get:

    command-line line 0: garbage at end of line; "Containers/2BUA8C4S2C.com.1password/t/agent.sock".
    

    When I try it on a remote machine, it fails as the $SSH_AUTH_SOCK is not set

  • nyoungb2
    nyoungb2
    Community Member

    @floris_1P are there any updates on this, and this there clear documentation on how to do this (or alternatively warnings in the docs if it cannot be done)?

    I do all of my work using VS Code devcontainers (using a docker image) & remote ssh. Trying to use either the 1password CLI and/or the 1password VS Code extension with this setup is a pain in many ways.

This discussion has been closed.