3

I switched to keeping all my SSH private and public key pairs in 1Password, relying on the 1Password SSH Agent to provide the key at the time of authentication to remote SSH servers and/or GitHub, with a configuration like:

On Mac:

Host github.com
  User git
  HostName github.com
  IdentityAgent ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
Host *
  IdentityAgent ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock

On Linux:

Host github.com
  User git
  HostName github.com
  IdentityAgent ~/.1password/agent.sock
Host *
  IdentityAgent ~/.1password/agent.sock

I have (had) the issue that authentication from/to existing/unchanged systems suddenly was not working anymore. ssh -vvv revealed that the private key fitting a remote system was not found/not picked, although it was listed in ssh-add -l.

1 Answer

2

Digging a bit deeper, I found out that some SSH servers limit the number of private keys they accept for checking ... e.g. to 6. As I had recently added another key pair, although not yet in use and for a non-SSH use case, I figured that this could be the cause of the problem.

As I did not (yet) find out how to pinpoint key pairs for certain remote systems with 1Password, I reverted to limiting the keys exposed by adapting the file ~/.config/1Password/ssh/agent.toml to something like:

[[ssh-keys]]
vault = "Private"
item = "awsec2"

[[ssh-keys]]
vault = "Private"
item = "azvm"

[[ssh-keys]]
vault = "Private"
item = "github"

[[ssh-keys]]
vault = "Private"
item = "homelinux"
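
One way to check this diagnosis against an agent listing, as an added example that is not part of the original answer: it prints the keys that sit beyond a server's attempt limit (6, the figure from the answer). The sample listing, the key names `backup`, `ci-deploy` and `new signing key`, and the assumption that ssh offers keys in the order the agent lists them are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ssh-add -l` output; fingerprints are placeholders.
sample_listing() {
cat <<'EOF'
256 SHA256:PLACEHOLDER-1 backup (ED25519)
256 SHA256:PLACEHOLDER-2 ci-deploy (ED25519)
256 SHA256:PLACEHOLDER-3 awsec2 (ED25519)
3072 SHA256:PLACEHOLDER-4 azvm (RSA)
256 SHA256:PLACEHOLDER-5 github (ED25519)
256 SHA256:PLACEHOLDER-6 new signing key (ED25519)
256 SHA256:PLACEHOLDER-7 homelinux (ED25519)
EOF
}

# Shared awk rule: number each key line and reduce it to its comment.
# Assumption: ssh offers agent keys in the order the agent lists them.
AWK_KEYS='
$2 ~ /^(SHA256|MD5):/ {
  n++; c = $0
  sub(/^[0-9]+ [^ ]+ /, "", c)      # drop the bits and fingerprint fields
  sub(/ \([A-Z0-9-]+\)$/, "", c)    # drop the trailing key type
  visit(n, c)
}'

# keys_out_of_reach LIMIT: read a listing on stdin and print the comment of
# every key whose position is past LIMIT, i.e. never tried by that server.
keys_out_of_reach() {
  awk -v limit="$1" "function visit(n, c) { if (n > limit) print c } $AWK_KEYS"
}

# key_position NAME: print the 1-based position of key NAME, or 0 if absent.
key_position() {
  awk -v name="$1" "function visit(n, c) { if (c == name && !pos) pos = n }
    $AWK_KEYS END { print pos + 0 }"
}

# Demo on the constructed listing; on a live system use:
#   ssh-add -l | keys_out_of_reach 6
sample_listing | keys_out_of_reach 6
```

A key reported here is present in the agent but is only offered after the limit is used up, which matches the symptom of a key that shows in ssh-add -l yet is never picked.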