SSH client not attempting keys returned from 1Password agent

adamrothmanadamrothman
Community Member

I have 2 computers, both running 1Password 8.9.8 on macOS 13 (Ventura). Both are logged into the same 1Password account and running the 1Password SSH agent. I have added the following 4 SSH keys to 1Password, which the agent reflects:

$ env | grep SSH     
SSH_AUTH_SOCK=/Users/adam/.1password/agent.sock

$ ssh-add -l
256 SHA256:eum8cgSeUH7RHKAltGdQIIRoZN8ly4Dm40Q0oKQjFw0 <redacted> (ED25519)
256 SHA256:NdEgj6UoJSWQrg82ueeHfWZxfzJmEAzbgUljZwQvShU <redacted> (ED25519)
256 SHA256:wyCOVP0JcH6DP9VuYdGUR+NW1Urxa3KapWSpX+mJ544 <redacted> (ED25519)
256 SHA256:mBCy6QPwWESMv3ugDluj7IMMmaMQ+iLO8vlPyeEL6PI <redacted> (ED25519)

The second key SHA256:NdEgj6UoJSWQrg82ueeHfWZxfzJmEAzbgUljZwQvShU is attached to my GitHub account.

On the first computer, the 1Password SSH agent works as expected. It returns 5 keys (there's another one from a different Vault), SSH attempts each of these, and I'm able to connect:

$ ssh -v -T [email protected]
OpenSSH_9.0p1, LibreSSL 3.3.6
...
debug1: get_agent_identities: agent returned 5 keys
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_ed25519 ED25519 SHA256:ECMfEhvQ50ija9WO4N1Ip64/Jxa46oojpfurc2ZItz0 agent
debug1: Will attempt key: <redacted> ED25519 SHA256:eum8cgSeUH7RHKAltGdQIIRoZN8ly4Dm40Q0oKQjFw0 agent
debug1: Will attempt key: <redacted> ED25519 SHA256:NdEgj6UoJSWQrg82ueeHfWZxfzJmEAzbgUljZwQvShU agent
debug1: Will attempt key: <redacted> ED25519 SHA256:wyCOVP0JcH6DP9VuYdGUR+NW1Urxa3KapWSpX+mJ544 agent
debug1: Will attempt key: <redacted> ED25519 SHA256:mBCy6QPwWESMv3ugDluj7IMMmaMQ+iLO8vlPyeEL6PI agent
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_rsa 
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_ecdsa 
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_ed25519_sk 
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_xmss 
debug1: Will attempt key: /Users/adam.rothman/.ssh/id_dsa
...
debug1: Offering public key: <redacted> ED25519 SHA256:NdEgj6UoJSWQrg82ueeHfWZxfzJmEAzbgUljZwQvShU agent
debug1: Server accepts key: <redacted> ED25519 SHA256:NdEgj6UoJSWQrg82ueeHfWZxfzJmEAzbgUljZwQvShU agent
Authenticated to github.com ([100.64.1.46]:22) using "publickey".
...
Hi adamrothman! You've successfully authenticated, but GitHub does not provide shell access.

On the second computer, the 1Password agent returns the 4 expected keys, but for reasons I don't understand, SSH does not attempting any of them:

$ ssh -v -T [email protected]
OpenSSH_9.0p1, LibreSSL 3.3.6
...
debug1: get_agent_identities: agent returned 4 keys
debug1: Will attempt key: /Users/adam/.ssh/id_rsa 
debug1: Will attempt key: /Users/adam/.ssh/id_ecdsa 
debug1: Will attempt key: /Users/adam/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /Users/adam/.ssh/id_ed25519 
debug1: Will attempt key: /Users/adam/.ssh/id_ed25519_sk 
debug1: Will attempt key: /Users/adam/.ssh/id_xmss 
debug1: Will attempt key: /Users/adam/.ssh/id_dsa
...
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).

The SSH configs on these 2 computers are not exactly the same, but I can't figure out what setting(s) might be preventing SSH from attempting the keys offered by the 1Password agent. This issue is not specific to github.com – it happens for all the SSH servers I've tried connecting to.

Thanks in advance for your help.


1Password Version: 8.9.8 (80908009)
Extension Version: N/A
OS Version: macOS Ventura 13.0.1 (22A400)
Browser:_ Chrome

Comments

  • Jack.P_1PJack.P_1P

    Team Member

    Hi @adamrothman:

    Would you be able to share your SSH config from your second computer? If there's things in your SSH config that you'd rather keep private, you can get in touch with us directly at [email protected], and we'll be able to take a look at your config via email instead.

    Jack

  • adamrothmanadamrothman
    Community Member

    Thanks for getting back to me @Jack.P_1P – I'm traveling through Dec 5 and therefore away from that second computer. I'll post the config when I get back.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file