SSH MacBook to iMac using TouchID?

MrC
MrC
Volunteer Moderator
edited May 2023 in SSH

I probably spent too much time on this today, but I'm simply failing to be able to use 1Password via TouchID to authenticate my SSH connection from my MacBook to my iMac.

The -v output shows the id_ed25519 pub key is being offered. The listed auth methods are:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

but the next lines says

debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive

and of course I get the password prompt in iTerm.

ssh-add -l lists my key.

I've never had 1Password prompt me. If I leave the password prompt waiting my response, eventually I see the log shows an ssh authorization timeout.

Am I just daft? If so, hit me with the clue stick please.

1Password Version: 8.10.6 beta channel
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • Jack.P_1P
    Jack.P_1P

    Hey @MrC:

    Great question! If you go to the Developer section of settings in 1Password, and change one of the SSH related settings, does that improve your state of play? Let me know.

    Jack

  • MrC
    MrC
    Volunteer Moderator

    Hi @Jack.P_1P

    I recall reading that tip, but it has had no affect for me. I've toggled or changed each of the settings in that area of the dialog, restarted 1Password. Still the same thing.

  • MartonS1P
    MartonS1P

    Hey @MrC!

    Please try updating to the latest version of the 1Password app. If the issue still persists, could you please reproduce the bug, check the 1Password app's logs and let us know if you see any lines related to ssh? You can find the logs under Help -> Troubleshooting -> Open logs folder, then opening the log file that has CURRENT in its name.

    Thanks,
    Márton

  • floris_1P
    floris_1P

    Do the ssh -v logs only show that the key is being offered or also that it has been accepted by the server you're trying to connect to?

    So not only:
    debug1: Offering public key

    But also:
    debug1: Server accepts key

  • MrC
    MrC
    Volunteer Moderator

    I'm at version 8.10.7 beta.

    Here's what I get:

  • floris_1P
    floris_1P

    Looking at the -v logs, it seems that the server never accepted the public key. Are you sure the public key is correctly configured in the server's authorized_keys file?

  • MrC
    MrC
    Volunteer Moderator

    @floris_1P

    That was exactly the issue. For some reason, my brain was stuck in magic thinking mode. I'd thought 1Password's agents were conveying the credentials, and the server was picking up my private key within the id_ed25519 file itself. I haven't used key-based authorizations in a few decades, and clearly forgot all the details.

    Perhaps some instructions about how to set this up might be useful. The info I've read only focuses on Github authorizations.

    Thanks.

This discussion has been closed.