ssh agent no longer working

KrystalDelusion
KrystalDelusion
Community Member
in SSH

I have been using the 1 password ssh agent without problem for the last 4 months or so, specifically for git commit signing/ssh repo access under WSL (and using VSCode). However I started running into issues about a week ago when trying to make a git commit in vscode getting an error along the lines of error: Load key "/tmp/.git_signing_key_tmplXrHNk": invalid format?. At the time I had been messing around with changing the hostname and mac address in WSL and assumed it was related to that. After setting everything back to normal and restarting socat/npiperelay I was able to get the ssh agent working fine yesterday, but it is now broken again today and I have been unable to fix it this time.

I used the instructions on this (third party) blog post for setting it up in WSL and the official 1password ssh docs to setup the Windows side.

Running ssh-add -l under WSL I am currently receiving the error error fetching identities: communication with agent failed, and under Windows (via command prompt, power shell, and gitbash/mingw) I get Error connecting to agent: No such file or directory. Running $ ssh -T git@github.com in Windows gives Load key "C:\\<redacted>/.ssh/id_ed25519.pub": invalid format git@github.com: Permission denied (publickey). At no point of any of that am I getting an authorisation request in 1password even though I was previously.

In the current log for 1password, I'm seeing a couple errors show up during launch of the app, but I don't know if they were there previously or are related:
INFO 2023-07-17T22:26:55.747 tokio-runtime-worker(ThreadId(5)) [1P:ssh\op-agent-controller\src\desktop.rs:614] SSH Agent has started. INFO 2023-07-17T22:26:55.747 tokio-runtime-worker(ThreadId(5)) [1P:ssh\op-agent-controller\src\desktop.rs:433] Starting filesystem watcher for SSH agent configuration directories... ERROR 2023-07-17T22:26:55.747 tokio-runtime-worker(ThreadId(5)) [1P:C:\builds\dev\core\core\ssh\op-agent-controller\src\desktop.rs:434] Generic Notify Error
...
INFO 2023-07-17T22:27:00.450 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging\op-native-core-integration\src\lib.rs:324] Starting IPC listener on 1Password-BrowserSupport INFO 2023-07-17T22:27:00.450 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging\op-native-core-integration\src\lib.rs:336] Active native core integration is awaiting messages INFO 2023-07-17T22:27:00.450 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging\op-native-core-integration\src\lib.rs:361] Extension connecting. ERROR 2023-07-17T22:27:00.450 tokio-runtime-worker(ThreadId(5)) [1P:native-messaging\op-native-core-integration\src\lib.rs:541] Failed to accept new connection.: Io(Os { code: 5, kind: PermissionDenied, message: "Access is denied." }).

Turning the ssh agent off and on in the developer settings doesn't seem to reveal anything in particular:
INFO 2023-07-17T22:27:26.670 tokio-runtime-worker(ThreadId(8)) [status:op-app\src\app\backend\updater.rs:250] No Production updates found for 81008047 INFO 2023-07-17T22:27:31.464 tokio-runtime-worker(ThreadId(10)) [1P:ssh\op-agent-controller\src\desktop.rs:614] SSH Agent has started.
No further error messages or anything obvious.

The 1password app itself (and the firefox browser extension) seems to be working fine and I was able to create an account for these forums and login without any issue. I've restarted wsl, 1password, and the computer a few times but nothing seems to make it work. As far as I can tell the ssh agent just isn't receiving any requests and causing everything to time out, but I have no idea why. Any help would be greatly appreciated.

1Password Version: 8.10.8
Extension Version: Not Provided
OS Version: Windows 11/Ubuntu 20.04 under WSL
Browser: Not Provided

Comments

  • KrystalDelusion
    KrystalDelusion
    Community Member

    It's working again today, and aside from an OS sleep/wake or two I have no idea what has changed.

  • KrystalDelusion
    KrystalDelusion
    Community Member

    In case anyone else is reading this, it appears to be a race condition between starting socat and npiperelay or something. If WSL boots before 1password is open and logged in, the WSL script thinks it is connected but it isn't. To fix it I log into 1password, pkill socat, and then manually source ~/.agent-bridge.sh and it works again.

  • nicolo
    nicolo
    Community Member

    @KrystalDelusion Just wanted to inform you that I created an account just to tell you that you are the G.O.A.T. This solved my problems instantly. It also happens pretty much on every session. To the extend that i created an alias reset1p="pkill socat&&source ~./.agent-bridge.shalias...

This discussion has been closed.