SSH stopped working

tsauer
tsauer
Community Member
edited November 2022 in SSH

After upgrading to the latest beta version on Windows 11, ssh stopped working.
When I try to ssh into my server, authentication fails and defaults to the password prompt.
The same ssh key still works perfectly fine on my MacOS machine where it was manually added to the ssh agent (so no 1password is involved there).


1Password Version: 1Password for Windows 8.9.10 (80910026)
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • Hi @tsauer:

    Thanks for reaching out about this. Taking a closer look at your setup would likely be best. Are you able to share a verbose output of your SSH command? To do this, add -v to the ssh command. For example, ssh -v [email protected]. If you'd prefer to share it over email, please email it to [email protected] and include a link to this thread, and we'll be able to take a look that way.

    Jack

  • tsauer
    tsauer
    Community Member

    Sure thing. I hope I replaced all sensitive information.

    ssh -v [email protected]
    OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3
    debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
    debug1: Connecting to replaced-domain.com [*ip-replaced*] port 22.
    debug1: Connection established.
    debug1: identity file C:\\Users\\thoma/.ssh/id_rsa type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_rsa-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_dsa type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_dsa-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ecdsa type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ecdsa-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ecdsa_sk type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ecdsa_sk-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ed25519 type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ed25519-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ed25519_sk type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_ed25519_sk-cert type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_xmss type -1
    debug1: identity file C:\\Users\\thoma/.ssh/id_xmss-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.6
    debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3
    debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3 pat OpenSSH* compat 0x04000000
    debug1: Authenticating to replaced-domain.com:22 as 'user'
    debug1: load_hostkeys: fopen C:\\Users\\thoma/.ssh/known_hosts2: No such file or directory
    debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
    debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256
    debug1: kex: host key algorithm: ssh-ed25519
    debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
    debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: SSH2_MSG_KEX_ECDH_REPLY received
    debug1: Server host key: ssh-ed25519 SHA256:*replaced*
    debug1: load_hostkeys: fopen C:\\Users\\thoma/.ssh/known_hosts2: No such file or directory
    debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
    debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
    debug1: Host 'replaced-domain.com' is known and matches the ED25519 host key.
    debug1: Found key in C:\\Users\\thoma/.ssh/known_hosts:1
    debug1: rekey out after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey in after 134217728 blocks
    debug1: Will attempt key: id_rsa RSA SHA256:*replaced* agent
    debug1: Will attempt key: id_ed25519 ED25519 SHA256:*replaced* agent
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_rsa
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_dsa
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_ecdsa
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_ecdsa_sk
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_ed25519
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_ed25519_sk
    debug1: Will attempt key: C:\\Users\\thoma/.ssh/id_xmss
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
    debug1: kex_input_ext_info: [email protected] (unrecognised)
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering public key: id_rsa RSA SHA256:*replaced* agent
    debug1: Server accepts key: id_rsa RSA SHA256:*replaced* agent
    sign_and_send_pubkey: signing failed for RSA "id_rsa" from agent: agent refused operation
    debug1: Offering public key: id_ed25519 ED25519 SHA256:*replaced* agent
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_rsa
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_dsa
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_ecdsa
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_ecdsa_sk
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_ed25519
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_ed25519_sk
    debug1: Trying private key: C:\\Users\\thoma/.ssh/id_xmss
    debug1: Next authentication method: password
    [email protected]'s password:
    
  • Hey @tsauer:

    Thanks for sharing that. It seems like your SSH agent is offering keys successfully, so the next step is to take a closer look at 1Password itself. I'd like to ask you to create a diagnostics report from your Windows PC:

    Sending Diagnostics Reports (Windows)

    Attach the diagnostics to an email message addressed to [email protected].

    With your email please include:

    You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!

  • tsauer
    tsauer
    Community Member

    It works again after the most recent stable update (1Password for Windows 8.9.10 (80910043))

  • Hi @tsauer:

    Glad to hear it. Please get in touch if there's anything else we can help you with.

    Jack

This discussion has been closed.