Error connecting to agent: No such file or directory

rohanb
rohanb
Community Member

I just saw the post & beta for SSH + CLI integration and this seems amazing. +1 Cant wait for the final release.

However, I'm unable to get this working at all.

  • I also use a shell called fishshell for what it's worth. (fish, version 3.3.1, but I do not believe this is part of the issue, as I swapped to bash too, and experience the same issue)
  • I have installed OpenSSH (OpenSSH_8.6p1)
  • 1P CLI is on version 2.0.0

I've run both the "configuration" commands per the docs.

I've created the symlink using

mkdir -p ~/.1password && ln -s ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock ~/.1password/agent.sock

...and added the additional line to the ssh config

Host * 
  IdentityAgent "~/.1password/agent.sock"
  IdentitiesOnly yes

I also added the SSH_AUTH_SOCK to my profile, even tried the global config from here

I've check that I have all the requirements.

  • Private vault
  • New Key generated via 1Password
  • Not archived

But when I run

ssh-add -l

I keep getting a response of Error connecting to agent: No such file or directory, and also any github cli interactions refuses to connect, but I believe its all caused by one in the same issue

Any ideas of what I might be missing?


1Password Version: 8.6.0
Extension Version: Not Provided
OS Version: 12.2.1 (21D62)
Referrer: forum-search:ssh

Comments

  • Can you share your output of:
    ls -l ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock

  • rohanb
    rohanb
    Community Member

    @floris_1P

    srw-------@ 1 rohbue  1275873306  0 Mar 17 15:11 /Users/rohbue/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock
    
  • And could share the output of: ls -l $SSH_AUTH_SOCK

    And could you try: ssh -o 'IdentitiesOnly=no' -T git@github.com
    If that doesn't work, could you share your output of: ssh -o 'IdentitiesOnly=no' -vT git@github.com

  • rohanb
    rohanb
    Community Member
    edited March 2022

    I did mess around with some additional setting sin my fish_config file and just redid the whole setup from the ground up.

    I updated my fish_config to contain this (previously it was wrapped in quotes)

    set SSH_AUTH_SOCK ~/.1password/agent.sock
    

    I now receive an error similar to the other questions on here.

    The agent has no identities.
    

    I did not have a Private named vault. Mine was called Personal. I did however create a new one called Private but that did not seem to help.

    With regards to the above:
    Output of ls -l $SSH_AUTH_SOCK

    lrwxr-xr-x  1 rohbue  1275873306  76 Mar 17 14:08 /Users/rohbue/.1password/agent.sock -> /Users/rohbue/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock
    

    And Output of ssh -o

    OpenSSH_8.9p1, OpenSSL 1.1.1m  14 Dec 2021
    debug1: Reading configuration data /Users/rohbue/.ssh/config
    debug1: /Users/rohbue/.ssh/config line 1: Applying options for *
    debug1: /Users/rohbue/.ssh/config line 6: Ignored unknown option "usekeychain"
    debug1: /Users/rohbue/.ssh/config line 13: Applying options for github.com
    debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
    debug1: Connecting to github.com <OMITTED> port <OMITTED>.
    debug1: Connection established.
    debug1: identity file /Users/rohbue/.ssh/id_rsa type -1
    debug1: identity file /Users/rohbue/.ssh/id_rsa-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_ecdsa type -1
    debug1: identity file /Users/rohbue/.ssh/id_ecdsa-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_ecdsa_sk type -1
    debug1: identity file /Users/rohbue/.ssh/id_ecdsa_sk-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_ed25519 type -1
    debug1: identity file /Users/rohbue/.ssh/id_ed25519-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_ed25519_sk type -1
    debug1: identity file /Users/rohbue/.ssh/id_ed25519_sk-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_xmss type -1
    debug1: identity file /Users/rohbue/.ssh/id_xmss-cert type -1
    debug1: identity file /Users/rohbue/.ssh/id_dsa type -1
    debug1: identity file /Users/rohbue/.ssh/id_dsa-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_8.9
    debug1: Remote protocol version 2.0, remote software version babeld-4f04c79d
    debug1: compat_banner: no match: babeld-4f04c79d
    debug1: Authenticating to github.com:22 as 'git'
    debug1: load_hostkeys: fopen /Users/rohbue/.ssh/known_hosts2: No such file or directory
    debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts: No such file or directory
    debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts2: No such file or directory
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256
    debug1: kex: host key algorithm: ssh-ed25519
    debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
    debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: SSH2_MSG_KEX_ECDH_REPLY received
    debug1: Server host key: ssh-ed25519 <OMITTED>
    debug1: load_hostkeys: fopen /Users/rohbue/.ssh/known_hosts2: No such file or directory
    debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts: No such file or directory
    debug1: load_hostkeys: fopen /usr/local/etc/ssh/ssh_known_hosts2: No such file or directory
    debug1: Host 'github.com' is known and matches the ED25519 host key.
    debug1: Found key in /Users/rohbue/.ssh/known_hosts:1
    debug1: rekey out after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey in after 134217728 blocks
    debug1: get_agent_identities: ssh_fetch_identitylist: agent contains no identities
    debug1: Will attempt key: /Users/rohbue/.ssh/id_rsa
    debug1: Will attempt key: /Users/rohbue/.ssh/id_ecdsa
    debug1: Will attempt key: /Users/rohbue/.ssh/id_ecdsa_sk
    debug1: Will attempt key: /Users/rohbue/.ssh/id_ed25519
    debug1: Will attempt key: /Users/rohbue/.ssh/id_ed25519_sk
    debug1: Will attempt key: /Users/rohbue/.ssh/id_xmss
    debug1: Will attempt key: /Users/rohbue/.ssh/id_dsa
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /Users/rohbue/.ssh/id_rsa
    debug1: Trying private key: /Users/rohbue/.ssh/id_ecdsa
    debug1: Trying private key: /Users/rohbue/.ssh/id_ecdsa_sk
    debug1: Trying private key: /Users/rohbue/.ssh/id_ed25519
    debug1: Trying private key: /Users/rohbue/.ssh/id_ed25519_sk
    debug1: Trying private key: /Users/rohbue/.ssh/id_xmss
    debug1: Trying private key: /Users/rohbue/.ssh/id_dsa
    debug1: No more authentication methods to try.
    git@github.com: Permission denied (publickey).
    

    Also for what its worth... my .ssh/config not looks like this

    Host * 
      IgnoreUnknown UseKeychain
      IdentitiesOnly yes
      IdentityAgent ~/.1password/agent.sock
      AddKeysToAgent yes
      UseKeychain yes
    
    # other gh alias for another team
    Host smg.github.com
      HostName github.com
      User git
      IdentityFile ~/.ssh/rohan_smg_generated
    
    # this is the gh im testing against / e.g my private gh acct
    Host github.com
      HostName github.com
      User git
      # IdentityFile ~/.ssh/rohan_private_generated
    
  • rohanb
    rohanb
    Community Member

    Update, not sure if this could be relevant. I also looked in the log files per a comment in another post and saw this error.

    ERROR 2022-03-18T08:19:53.809 ThreadId(17) [1P:ssh/op-ssh-config/src/lib.rs:128] Could not open ssh config file in ~/.ssh/config
    ERROR 2022-03-18T08:20:05.570 ThreadId(17) [1P:ssh/op-ssh-config/src/lib.rs:128] Could not open ssh config file in ~/.ssh/config
    

    And here are the 2 relevant vault's details from op vault get <vault_name>

     ~/.ssh  op vault get Private 
    ID:                   <OMITTED>
    Name:                 Private
    Type:                 USER_CREATED
    Attribute version:    1
    Content version:      2
    Items:                1
    Created:              13 hours ago
    Updated:              13 hours ago
    
     ~/.ssh  op vault get Personal
    ID:                   <OMITTED>
    Name:                 Personal
    Type:                 PERSONAL
    Attribute version:    1
    Content version:      1332
    Items:                413
    Created:              4 years ago
    Updated:              19 hours ago
    
  • Good to hear that the No such file or directory issue got solved! Now you're properly connected to the agent, but the next problem is that the agent doesn't list the keys you've created.

    We just detected a flaw in the docs that creates some confusion about the vault name, see this comment. So could you try moving the keys to your Personal vault and run ssh-add -l or ssh -o 'IdentitiesOnly=no' -T git@github.com again?

  • rohanb
    rohanb
    Community Member

    No success, unfortunately. (With the Keys in the Personal Vault)

     ~/.ssh  ssh-add -l 
    The agent has no identities
    
     ~/.ssh  ssh -o 'IdentitiesOnly=no' -T git@github.com 
    git@github.com: Permission denied (publickey).
    
  • Could you share the output of: sqlite3 ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/1password.sqlite 'select count(*) from objects where type = 3'

  • rohanb
    rohanb
    Community Member

    Its 0

  • Hmm, could you turn the agent off and on the 1Password settings and see if there's anything in the logs?

  • rohanb
    rohanb
    Community Member

    I assume you meant the SSH agent. So I did toggle that.

    1. I cleared the logs (made a backup first)
    2. Toggled both SSH + CLI

    There are 2 errors below: (included the into logs too fwiw)

    INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/lib.rs:299] Setting has been toggled on/off, restarting native core integration
    INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/lib.rs:281] Starting IPC listener on 2BUA8C4S2C.com.1password.browser-helper
    INFO  2022-03-18T12:49:49.842 tokio-runtime-worker(ThreadId(4)) [1P:op-ipc/src/ipc/xpc.rs:155] XPC starting connection
    
    
    ERROR 2022-03-18T12:49:49.843 tokio-runtime-worker(ThreadId(4)) [1P:native-messaging/op-native-core-integration/src/connection_handler.rs:37] Dropping connection with b5x due to error handling outgoing message: EndConnection
    
    
    INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:op-ipc/src/ipc/xpc.rs:197] XPC connected to 2BUA8C4S2C.com.1password.browser-helper
    INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:293] Active native core integration is awaiting messages
    INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:305] Extension connecting.
    INFO  2022-03-18T12:49:49.864 tokio-runtime-worker(ThreadId(10)) [1P:native-messaging/op-native-core-integration/src/lib.rs:307] Extension connection accepted.
    INFO  2022-03-18T12:49:58.267 tokio-runtime-worker(ThreadId(6)) [1P:ssh/op-agent-controller/src/desktop.rs:285] SSH Agent has started.
    INFO  2022-03-18T12:50:00.319 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:448] Enabling BrowserHelper with bundle id: 2BUA8C4S2C.com.1password.browser-helper
    INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:299] Setting has been toggled on/off, restarting native core integration
    INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:281] Starting IPC listener on 2BUA8C4S2C.com.1password.browser-helper
    INFO  2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:op-ipc/src/ipc/xpc.rs:155] XPC starting connection
    
    
    ERROR 2022-03-18T12:50:00.325 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/connection_handler.rs:37] Dropping connection with b5x due to error handling outgoing message: EndConnection
    
    
    INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:op-ipc/src/ipc/xpc.rs:197] XPC connected to 2BUA8C4S2C.com.1password.browser-helper
    INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:293] Active native core integration is awaiting messages
    INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:305] Extension connecting.
    INFO  2022-03-18T12:50:00.342 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:307] Extension connection accepted.
    
    
  • And another question, just to verify: when you moved the keys to your Personal vault, was that on the same machine where you're running the SSH agent on? Because for the SSH agent to sync your change, it needs to be unlocked once first.

  • rohanb
    rohanb
    Community Member
    edited March 2022

    All of this is on my local dev machine. 1P + SSH etc
    I mean... I could try physically restarting it... Which I haven't actually thought of doing yet 😂

    [Update]
    My Mac & 1Password has been Restarted & unlocked. No luck.

  • rohanb
    rohanb
    Community Member

    And I think in all of the moving backwards & forwards I might have not put the ssh keys in the right vault.

    I did verify it again now, and they keys are in the right vault. (I have 2 SSH keys... But I see that also causes an issue, because I don't know how to specify with 1Password to use which hey for which gh account, so for now, I'm just using the one)

    I have 2 MacBooks, a personal one, and one for work.

    My personal machine:

    • Worked fine. Did the upgrade to 1Password 8 (App + Browser Plugin).
    • SSH sees my keys + I can login to github

    Work machine:

     ~/.ssh  ssh-add -l 
    # finally returns the key that is inside the vault! 🥳
    
     ~/.ssh  ssh -T git@github.com
    # fails
    
     ~/.ssh  ssh -o 'IdentitiesOnly=no' -T git@github.com 
    # succeeds! 🥳
    

    I then removed the IdentiesOnly flag from my .ssh/config and I can now login to gh using the SSH key stored in 1 Password.

    This is probably a question for another thread.

    But is there a way to specify which key to use for which gh repo?

    Host * 
      IgnoreUnknown UseKeychain
      AddKeysToAgent yes
      UseKeychain yes
      IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
    
    Host smg.github.com
      HostName github.com
      User git
      IdentityFile ~/.ssh/rohan_smg_generated. # I would like to move this to 1Password too
    
    Host github.com
      HostName github.com
      User git
    
  • rohanb
    rohanb
    Community Member

    And solved it! 🥳

    Use this match key with host setup

  • Glad you got it working! The docs have been updated now to mention both the Private and Personal vault.

This discussion has been closed.