SSH setup on Windows - Permission Denied error
I've been working to set up my SSH agent with 1Password as per today's release on my computers. I was able to set it up on macOS, but Windows is giving me an issue where the ssh agent can't find the key generated by 1Password. Running the test command ssh -T git@github.com simply yields the git@github.com: Permission denied (publickey). error.
What's the best practice to set this up in the case where 1Password generated the ssh key?
GitHub does have my key. To be clear, this works on my macOS devices, but not on Windows.
1Password Version: 8.9.5
Extension Version: Not Provided
OS Version: Windows 11 Pro for Workstations
Browser:_ Chrome
Comments
-
Could you provide the output of:
ssh -vT git@github.com
And of:
ssh-add -l
0 -
Certainly. The output is as follows:
❯ ssh -vT git@github.com OpenSSH_for_Windows_8.9p1, LibreSSL 3.4.3 debug1: Reading configuration data C:\\Users\\Kyle/.ssh/config debug1: C:\\Users\\Kyle/.ssh/config line 1: Applying options for * debug1: Connecting to github.com [192.30.255.112] port 22. debug1: Connection established. debug1: identity file C:\\Users\\Kyle/.ssh/id_rsa type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_rsa-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ecdsa type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ecdsa-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ecdsa_sk type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ed25519 type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ed25519-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ed25519_sk type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_ed25519_sk-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_xmss-cert type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\Kyle/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.9 debug1: Remote protocol version 2.0, remote software version babeld-81baa361 debug1: compat_banner: no match: babeld-81baa361 debug1: Authenticating to github.com:22 as 'git' debug1: load_hostkeys: fopen C:\\Users\\Kyle/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU debug1: load_hostkeys: fopen C:\\Users\\Kyle/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory debug1: Host 'github.com' is known and matches the ED25519 host key. debug1: Found key in C:\\Users\\Kyle/.ssh/known_hosts:1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: get_agent_identities: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_rsa debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_ecdsa debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_ecdsa_sk debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_ed25519 debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_ed25519_sk debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_xmss debug1: Will attempt key: C:\\Users\\Kyle/.ssh/id_dsa debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_rsa debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_ecdsa debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_ecdsa_sk debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_ed25519 debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_ed25519_sk debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_xmss debug1: Trying private key: C:\\Users\\Kyle/.ssh/id_dsa debug1: No more authentication methods to try. git@github.com: Permission denied (publickey).
❯ ssh-add -l 256 SHA256:iDHYAgQKPtwY3Jv6LyqfDZ6iZIhmL3So0we+EN88wQ4 1Password SSH Key (ED25519)
0 -
Hi there, any suggestions?
0 -
Could you share your SSH config?
0 -
In the /.ssh config file:
Host * IdentityAgent "~/.1password/agent.sock"0 -
Ah, that explains the error that you're seeing. In OpenSSH for Windows, the agent communication does not happen over a socket like it does on macOS or Linux, but over the
\\.\pipe\openssh-ssh-agentpipe.This actually happens automatically, so you don't have set
IdentityAgentin your SSH config. Could you try removing that snippet and run the SSH command again?0 -
Ah-ha, that did it. Interesting, I believe I added that erroneous config as a troubleshooting step, but as you say it's working automatically now that it has been removed. Thanks for the help!
0
