SSH Private Keys are not exported correctly from "op read" command
I am attempting to pull an SSH private key using the CLI, to then pipe it to the Windows ssh-agent (not the 1Password agent, as the laptop's policy prevents Windows Hello from being used). When I export the key using op read, it is in a different format than what the desktop client exports, and neither ssh-agent nor puttygen recognize the format. This thread describes the issue, but it has been closed without resolution: https://1password.community/discussion/128054/how-to-export-ssh-private-key-using-cli
The only workaround seems to be storing the key as a generic password, and then exporting it that way.
CLI Version 2.13.1
1Password Version: 8.9.14
Extension Version: Not Provided
OS Version: Windows 10
Browser:_ Not Provided
Comments
-
Hi @robbycuenot:
As it currently stands, exporting the private key of an SSH key from 1Password CLI will export in PKCS #8 format. We're currently investigating ways to improve this behavior. What might work in the meantime however is to save the text of the private key as an attachment in your SSH key item, like so:
With an item looking like this, you could access the OpenSSH formatted key using this command:
op read op://<vault name/UUID>/<item name/UUID>/id_ed25519Let me know how you get on with that!
Jack
0 -
This worked for me, thank you!
0 -
Perfect, I will close the ticket.
Cheers!
Amanda0
