Skip to main content
March 3, 2025
Question

SSH Agent forwarding

  • March 3, 2025
  • 1 reply
  • 200 views

Please forgive me if that was already discussed or even solved, but I didn't manage to find a solution for my case. I want to connect from my home MBA to my work MBP. Both of them have 1Password installed, with the 1Password SSH agent being actively used for SSH key management and commit signing. I followed the documentation and configured my work (remote) machine to use 1Password only when not over SSH while using the default ssh-agent for remote connections:

Host *
  UseKeychain yes
  AddKeysToAgent yes

Match host * exec "test -z $SSH_TTY"
  IdentityAgent "~/.1password/agent.sock"

When I'm connected to my remote machine, I observe the following:
1. Echoing `$SSH_AUTH_SOCK` results in `~/.1password/agent.sock`, not `tmp/...` as it is supposed to be (?)
2. When attempting to execute `git pull`, it triggers biometrics on the remote machine, and the request is obviously not forwarded, thus eventually failing to proceed.

Am I missing something here? Did I get it right that only 'default' ssh-agent requests can be forwarded?

Thank you in advance.

1 reply

skoch13Author
April 1, 2025

That was my mistake as forcibly set `SSH_AUTH_SOCK` in my .zshrc 🤦‍♂️