Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
kjdsahtdsjighsdkjgs
2 months agoNew Contributor
How do I use the SSH agent in headless Linux?
I want to clone a Git repository that needs SSH authorization. On my desktop this is straightforward: I have the 1Password app installed and the SSH agent enabled in its settings. git clone with an SSH URL makes the desktop app prompt me for approval and I get connected properly.
However I want to clone a repository in a Debian Linux LXC. It does not have any GUI installed; I can only connect to it via a shell. I have the 1Password CLI app op installed and connected properly because op vault list works. However I cannot use the SSH agent:
# ssh-add -l
Could not open a connection to your authentication agent.
My ~/.ssh/config looks like:
Host *
IdentityAgent ~/.1password/agent.sock
More context about my CLI installation which is installed from the 1Password Debian repository:
# apt info 1password-cli
Package: 1password-cli
Version: 2.31.1-2
Maintainer: 1Password <support@1password.com>
Installed-Size: unknown
Homepage: https://agilebits.com/
Vendor: 1Password <support@1password.com>
Download-Size: 6729 kB
APT-Manual-Installed: yes
APT-Sources: https://downloads.1password.com/linux/debian/amd64 stable/main amd64 Packages
Description: The official 1Password command-line tool.
# op --version
2.31.1
I don't have a ~/.1password directory so the agent is not set up or not running. How can I get it running without a GUI to approve its use?
I was working on getting this up and running, but alas you will need the 1Password Client installed with a GUI to be able to manage the SSH-Agent. I'm sorry it just won't work without it.
Thanks,
Phil
3 Replies
- 1P_Phil
Moderator
Hi kjdsahtdsjighsdkjgs ,
You'll need to also install the 1Password Client (as it acts as the interface to your vault from the CLI). I don't have a headless system to test this on at the moment, but the following should get you headed in the right direction. Let me know if you have further questions. ~ Phil
sudo apt install 1password
Then you'll need to replace the existing "IdentityAgent" with a path of the "~/.ssh/config file to
Host * IdentityAgent ~/.config/1Password/ssh/agent.sock
Then you'll need to manually configure 1Password
mkdir -p ~/.config/1Password/
and create the file "~/.config/1Password/settings.json" and insert
{ "app.developer.sshAgent": true }
then authorize using
op signin
and you should be able to view your vaults
op vault list
finally check that the SSH Agent is working by
ssh-add -l
Finally here are some docs which might help the process
- kjdsahtdsjighsdkjgsNew Contributor
I figured that might be the case but I'm worried it'll try to install a whole X environment due to the many dependencies it wants:
# apt install 1password Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: adwaita-icon-theme at-spi2-common at-spi2-core dconf-gsettings-backend dconf-service gnupg2 gsettings-desktop-schemas gtk-update-icon-cache hicolor-icon-theme libatk-bridge2.0-0 libatk1.0-0 libatspi2.0-0 libauthen-sasl-perl libavahi-client3 libavahi-common-data libavahi-common3 libayatana-appindicator1 libayatana-appindicator3-1 libayatana-ido3-0.4-0 libayatana-indicator3-7 libayatana-indicator7 libclone-perl libcolord2 libcups2 libdata-dump-perl libdbusmenu-glib4 libdbusmenu-gtk3-4 libdbusmenu-gtk4 libdconf1 libegl-mesa0 libegl1 libencode-locale-perl libfile-basedir-perl libfile-desktopentry-perl libfile-listing-perl libfile-mimeinfo-perl libfont-afm-perl libfontenc1 libgail-common libgail18 libgles2 libgtk-3-0 libgtk-3-bin libgtk-3-common libgtk2.0-0 libgtk2.0-bin libgtk2.0-common libhtml-form-perl libhtml-format-perl libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libhttp-cookies-perl libhttp-daemon-perl libhttp-date-perl libhttp-message-perl libhttp-negotiate-perl libice6 libio-html-perl libio-socket-ssl-perl libio-stringy-perl libipc-system-simple-perl liblwp-mediatypes-perl liblwp-protocol-https-perl libmailtools-perl libnet-dbus-perl libnet-http-perl libnet-smtp-ssl-perl libnet-ssleay-perl libnotify4 libnspr4 libnss3 libregexp-ipv6-perl libsm6 libtie-ixhash-perl libtimedate-perl libtry-tiny-perl liburi-perl libwww-perl libwww-robotrules-perl libx11-protocol-perl libxaw7 libxcomposite1 libxdamage1 libxft2 libxinerama1 libxkbfile1 libxml-parser-perl libxml-twig-perl libxml-xpathengine-perl libxmu6 libxmuu1 libxt6 libxtst6 libxxf86dga1 perl-openssl-defaults x11-utils x11-xserver-utils xdg-utils zutty Suggested packages: libdigest-hmac-perl libgssapi-perl colord cups-common gvfs libcrypt-ssleay-perl notification-daemon libsub-name-perl libbusiness-isbn-perl libauthen-ntlm-perl libunicode-map8-perl libunicode-string-perl xml-twig-tools debhelper mesa-utils nickle cairo-5c xorg-docs-core
- 1P_Phil
Moderator
I was working on getting this up and running, but alas you will need the 1Password Client installed with a GUI to be able to manage the SSH-Agent. I'm sorry it just won't work without it.
Thanks,
Phil