Skip to main content
October 5, 2022
Question

SSH Agent and Multiple Keys

  • October 5, 2022
  • 4 replies
  • 4357 views

Storing SSH keys in 1Password is a great feature, so I make use of it a lot and I store A LOT of SSH keys in 1Password. So far, so good :)

.. BUT: I don't want EVERY SSH-key to be loaded into the SSH-agent. I want to be able to SELECT which keys should loaded by the agent, or at least be able to DISABLE some keys from being loaded by the SSH-agent.

The reason for this is quite simple: all loaded keys will be offered/handshaked during a SSH connection. It makes no sense to do that for an unnecessary amount of keys that are solely in 1Password for vault/archive purposes.

Can we somehow get this in as a feature request?


1Password Version: 8.9.4
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

4 replies

XIII
October 6, 2022

all loaded keys will be offered/handshaked during a SSH connection.

Unless you use match the key with the host?

https://developer.1password.com/docs/ssh/agent/advanced#match-key-with-host

mpeppingAuthor
October 6, 2022

Very cool. Didn't know a public-key could be used with IdentityFile. Thanks @XIII.

XIII
October 6, 2022

You’re welcome.

I did not know either until I started using the 1Password SSH agent…

mpeppingAuthor
October 7, 2022

Yeah, really cool. Works like a charm.

The downside is though, when ProxyJump'ing to other hosts with AgentForwaring, the inbetween nodes also need to have the pub-keys + IdentityFile configuration in place.