Can't get 1Password to successfully authenticate Mac SSH connections to CentOS 8

dov
dov
Community Member

I'm trying to configure SSH login on a Linux (CentOS) machine for my account, and I haven't done this before. It appears 1Password is configured correctly, with my SSH key present and exposed with the agent.toml file. When I try to connect, it looks like the publickey authentication method is failing and falling back to asking me for a password.

I added my public key to the ~/.ssh/authorized_keys using the ssh-copy-id tool, and it successfully added all of my 1Password keys, so I removed the ones I don't want to use for this system.

This is the output I get when I run ssh -v dfrankel@server before it asks for my password:

OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /Users/dfrankel/.ssh/config
debug1: /Users/dfrankel/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to port 22.
debug1: Connection established.
debug1: identity file /Users/dfrankel/.ssh/id_rsa type -1
debug1: identity file /Users/dfrankel/.ssh/id_rsa-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_ecdsa type -1
debug1: identity file /Users/dfrankel/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_ecdsa_sk type -1
debug1: identity file /Users/dfrankel/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_ed25519 type -1
debug1: identity file /Users/dfrankel/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_ed25519_sk type -1
debug1: identity file /Users/dfrankel/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_xmss type -1
debug1: identity file /Users/dfrankel/.ssh/id_xmss-cert type -1
debug1: identity file /Users/dfrankel/.ssh/id_dsa type -1
debug1: identity file /Users/dfrankel/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.0
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: compat_banner: match: OpenSSH_8.0 pat OpenSSH* compat 0x04000000
debug1: Authenticating to :22 as 'dfrankel'
debug1: load_hostkeys: fopen /Users/dfrankel/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:bIKZmcoAwveDiJINW9AV6syg7piU9AQUoc4a7P72H4Q
debug1: load_hostkeys: fopen /Users/dfrankel/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '' is known and matches the ED25519 host key.
debug1: Found key in /Users/dfrankel/.ssh/known_hosts:36
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: agent returned 4 keys
debug1: Will attempt key: Orion Bitbucket ED25519 SHA256:gNjnKY5rBIF8bq1B5yKuL6tTE9UjIBPwfBURqXSSbeA agent
debug1: Will attempt key: ORIONAPPDEV2 dfrankel ED25519 SHA256:pPmrCpFKPzFhHW9YXu/eLZHOeNpuWVnUQIpuiqk5dSw agent
debug1: Will attempt key: SDLC Dev RSA SHA256:Qpz31vi3WLZZ8mr/efIgHhxeak1sMw12Nh7yvz+BCgs agent
debug1: Will attempt key: ORIONAPPDEV2 SSH Key ED25519 SHA256:CRL/jggXSHDymKXF2lissdR6HChHNaAu8A0+NAaDfOU agent
debug1: Will attempt key: /Users/dfrankel/.ssh/id_rsa
debug1: Will attempt key: /Users/dfrankel/.ssh/id_ecdsa
debug1: Will attempt key: /Users/dfrankel/.ssh/id_ecdsa_sk
debug1: Will attempt key: /Users/dfrankel/.ssh/id_ed25519
debug1: Will attempt key: /Users/dfrankel/.ssh/id_ed25519_sk
debug1: Will attempt key: /Users/dfrankel/.ssh/id_xmss
debug1: Will attempt key: /Users/dfrankel/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: Orion Bitbucket ED25519 SHA256:gNjnKY5rBIF8bq1B5yKuL6tTE9UjIBPwfBURqXSSbeA agent
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: ORIONAPPDEV2 dfrankel ED25519 SHA256:pPmrCpFKPzFhHW9YXu/eLZHOeNpuWVnUQIpuiqk5dSw agent
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: SDLC Dev RSA SHA256:Qpz31vi3WLZZ8mr/efIgHhxeak1sMw12Nh7yvz+BCgs agent
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: ORIONAPPDEV2 SSH Key ED25519 SHA256:CRL/jggXSHDymKXF2lissdR6HChHNaAu8A0+NAaDfOU agent
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /Users/dfrankel/.ssh/id_rsa
debug1: Trying private key: /Users/dfrankel/.ssh/id_ecdsa
debug1: Trying private key: /Users/dfrankel/.ssh/id_ecdsa_sk
debug1: Trying private key: /Users/dfrankel/.ssh/id_ed25519
debug1: Trying private key: /Users/dfrankel/.ssh/id_ed25519_sk
debug1: Trying private key: /Users/dfrankel/.ssh/id_xmss
debug1: Trying private key: /Users/dfrankel/.ssh/id_dsa
debug1: Next authentication method: password


1Password Version: 8.10.9
Extension Version: 2.14.1
OS Version: macOS 13.4.1, centOS 8
Browser: n/a

This discussion has been closed.