Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
Getting SSH key support to work (macOS, version 8.6.0 beta)
I was interested to read the Blog post about the new SSH agent/key support, but, for the life of me, am apparently missing something obvious in getting it to actually work.
I have read through the documentation, and have extensive familiarity with setting up SSH keys, using agents, and so on, but, no joy.
The documentation specifically mentions setting up your new SSH keys in "your Private vault"; I'm not sure if the use of the word Private is crucial here, but, assuming a level of pedantry, I created a new Vault called "Private". I then created a new key.
I've enabled the SSH agent in the Developer preferences of 1P8, and modified my .ssh/config file for a specific host to use the socket for the IdentityAgent. I've tried both the full "Group Containers" path, as per the snippet in the Preferences, as well as the symlinked socket in .1password.
I have rebooted multiple times, and ensured 1P7 was removed from this machine (M1 MBP, new). 1P8 starts at login, and I open/start it before testing SSH.
I've also tried exporting the SSH_AUTH_SOCK explicitly, and checking with ssh-add -l.
No matter what I do, no identities are available in the agent.
And, predictably, whenever I try to log in to the defined host, it fails, and falls back to Password.
I also tried defining the global "Host *" option with the socket's location, still didn't work.
Even tried specifying IdentitiesOnly for the host I'm testing with...nope.
Must be missing something so obvious that I just can't see it...any hints appreciated.
1Password Version: 8.6.0
Extension Version: Not Provided
OS Version: Not Provided
I have the same problem. I set things up according to the docs, configured $SSH_AUTH_SOCK in my shell profile and the agent in ~/.ssh/config, but I still see from ssh-add -l:
The agent has no identities.That Private vault info is also incorrect. It may be that new accounts all have a Private vault (no idea), but for my account that was in the first launch of 1Password Families, the "Private" vault doesn't exist and never has. I have Personal, Shared, and a couple other vaults that we've added on. My SSH key is in a vault I created for work purposes. I'm running the 1Password 8 beta (latest) on macOS 12.3.
I checked the 1PW logs and see the following:
rg ssh ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/logs/1Password_rCURRENT.log
13:ERROR 2022-03-17T14:20:36.727 ThreadId(12) [1P:ssh/op-ssh-config/src/lib.rs:128] Could not open ssh config file in ~/.ssh/config
37:INFO 2022-03-17T14:20:36.750 tokio-runtime-worker(ThreadId(9)) [1P:ssh/op-agent-controller/src/desktop.rs:285] SSH Agent has started.My SSH config is set up correctly:
ls -al ~/.ssh/config
-rw-r--r-- 1staff 368 Mar 17 14:14 /Users/ /.ssh/config Host *
IgnoreUnknown AddKeysToAgent,UseKeychain
UseKeychain yes
AddKeysToAgent yes
IdentitiesOnly yes
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
floris_1P1Password Team
Every 1Password account comes with a vault called
Private, where you can store the items that you want to keep for yourself. So also if you have a work account, you still get a Private vault where you can keep your work-related but still private items, like the login to your work email.ssh-add -lshould list every SSH key item from all Private vaults on any account.If you log in to 1password.com, you should see your Private vault listed there:
Hi, I was having similar issues and the problem was in the vault choice. Only keys I've got in my "first" vault show up, others are ignored. I had named the vault "Personal" and I don't understand the "Private" reference either. Therefore, my advice to you would be to try and put 1 SSH key into each vault and see if one of them shows up in ssh-add -l.
