Ed25519 keys generated with 1Password cannot be loaded in macOS OpenSSH

andyshinn
andyshinn
Community Member
edited May 2022 in SSH

When I generate a Ed25519 key in 1Password and try to copy out the private key manually for use there is an error. Adding the key to the keychain complains with:

❯ ssh-add ~/.ssh/looker_govqa  
Error loading key "/Users/ashinn/.ssh/looker_govqa": invalid format

It would be nice if there was a way to export this in a format that works natively with ssh-add.


1Password Version: 8.8.0
Extension Version: 80800011
OS Version: macOS 12.3.1

Comments

  • The format you get when copying the key is indeed not the right format that ssd-add accepts for Ed25519 keys. This is something we're looking to improve, but what should already work in the mean time is if you use the Download option instead.

    Out of curiosity, what makes you want to export the private key? Is there a place where the 1Password agent doesn't work for you?

  • andyshinn
    andyshinn
    Community Member

    I am not using the agent. These keys are used in a CI/CD process.

  • stillmoms
    stillmoms
    Community Member

    Seconding this, I generated an ED25519 key pair in 1Password for use with SSH at a client's request and provided them the public key to allow SSH logins for us to one of their servers. It was only after they implemented the public key on their side that I found I was completely unable to figure out how to use the private key stored in 1P with SSH. Seemingly no set of conversions was possible to utilize this key for this purpose, and I wound up having to generate a new key pair and have the client replace the public key I'd given them from the 1Password 8-generated key pair, which was annoying. More detail on what format 1Password is using for Ed25519 keys and how they can be used with SSH on macOS would be nice.

  • stillmoms
    stillmoms
    Community Member
    edited June 2022

    Apologies for the double-post; my browser extensions were making me think my first post never went through!

  • raghwendra
    raghwendra
    Community Member

    There is no download option in the desktop app or browser plugin for Mac. To my surprise, I was able to download and use it on Windows though via the desktop app.

    I'm using MacOS Monterey 12.4

  • Bleo
    Bleo
    Community Member

    This issue also exists on the IOS client with the same solution however it's a much bigger pain to do on IOS for obvious reasons. Please fix this, especially on IOS so copy actually copies the whole key correctly so import into prompt or termius or any other ssh app actually functions.

  • Making the Copy button copy the key in OpenSSH format for better compatibility is something we're actively working on. Stay tuned!

  • bachya1208
    bachya1208
    Community Member

    Chiming in to say that I’m running into this, as well. On iOS, I’m trying to import a 1P-generated private key into Working Copy and am getting an invalid format error.

  • Hey @bachya1208, thanks for letting us know you’re running into this too, and for outlining your use-case!

    This is indeed a known issue, and something we’re working on improving. Keep an eye out for updates!

This discussion has been closed.