Skip to main content
petebocken
March 22, 2022
Question

"Host * IdentityAgent" required to connect to SFTP and "Host customname IdentityAgent" not working

  • March 22, 2022
  • 6 replies
  • 1230 views

I'm connecting SFTP with Transmit to a SiteGround server. I can connect just fine if I have Host * IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock added to my ssh config.

However, if I remove that line and add it instead directly to my Host name, I cannot connect via SFTP. I receive error "Credentials were not accepted by the server." in Transmit.

So my Host entry is:

Host customname
HostName domain.com
Port 18765
User username
IdentityFile ~/.ssh/hostname.pub
IdentitiesOnly yes
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

It would make sense that the Host * is being used for all entries in my config file and removing it and adding it directly to this one entry should make no difference, correct?


1Password Version: 8.7.0
Extension Version: Not Provided
OS Version: macOS 12.3

6 replies

floris_1P
1Password Employee
March 24, 2022

Unlike most other SSH clients, Transmit currently does not support setting public keys as IdentityFile unfortunately, so you'll have to remove IdentityFile and IdentitiesOnly. It does support reading the IdentityAgent from either a specific host or from Host *.

petebocken
March 24, 2022

OK, I removed IdentityFile and IdentitiesOnly from the specific host entry in config and it still won't connect in Transmit:

Host customname
HostName domain.com
Port 18765
User username
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

It still only works if I have the IdentityAgent set on Host *. But I can't use that because then it breaks SSH and SFTP with my https://1password.community/discussion/comment/632455#Comment_632455 with DigitalOcean and https://developer.1password.com/docs/ssh/agent/advanced/#ssh-server-six-key-limit.

So it appears that Transmit needs Host * in order for 1P ssh-agent to work, but only for some hosts. My config entries are the same HostName that I am using in Transmit, so I would figure it would see them just fine, correct?

I think I'll have to abandon 1P SSH Keys completely for now. I can't figure out the correct combination of ssh config, which public and/or private keys need to be downloaded and/or loaded in Transmit. It's very possible everything would work fine if I used something else besides Transmit, but I'm not willing to give that up.

floris_1P
1Password Employee
March 24, 2022

How are you configuring it in Transmit? This works for me:


Host customname
HostName domain.com
Port 18765
User username
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

So in Transmit I only provide the alias and leaving the rest with default settings.
(I'm on Transmit 5.8.4)

petebocken
March 24, 2022

OK, doing it this way seems to work. I still have some issues with a couple SiteGround and InMotion servers for some reason. But I think it's something outside of 1Password. I'll let you know.

floris_1P
1Password Employee
March 25, 2022

Good to hear that you got it working well now with Transmit! For the SiteGround and InMotion servers, it might be the same problem as described here.

August 8, 2022

For me the issue was the same when I used SFTP with password auth.
Adding IdentitiesOnly yes for these hosts before the Host * is what worked for me.
So e.g:

Host *.netcup.net
IdentitiesOnly yes
Host ssh.strato.de
IdentitiesOnly yes
Host *.your-server.de
IdentitiesOnly yes
Host *.1and1-data.host
IdentitiesOnly yes

Host *
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

(can't format as code, as the content is not visible then)