Skip to main content
MrC
May 3, 2023
Question

SSH MacBook to iMac using TouchID?

  • May 3, 2023
  • 7 replies
  • 829 views

I probably spent too much time on this today, but I'm simply failing to be able to use 1Password via TouchID to authenticate my SSH connection from my MacBook to my iMac.

The -v output shows the id_ed25519 pub key is being offered. The listed auth methods are:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

but the next lines says


debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive

and of course I get the password prompt in iTerm.

ssh-add -l lists my key.

I've never had 1Password prompt me. If I leave the password prompt waiting my response, eventually I see the log shows an ssh authorization timeout.

Am I just daft? If so, hit me with the clue stick please.


1Password Version: 8.10.6 beta channel
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

7 replies

Jack_P_1P
1Password Employee
May 3, 2023

Hey @MrC:

Great question! If you go to the Developer section of settings in 1Password, and change one of the SSH related settings, does that improve your state of play? Let me know.

Jack

MrC
MrCAuthor
May 3, 2023

Hi @Jack_P_1P

I recall reading that tip, but it has had no affect for me. I've toggled or changed each of the settings in that area of the dialog, restarted 1Password. Still the same thing.

May 26, 2023

Hey @MrC!

Please try updating to the latest version of the 1Password app. If the issue still persists, could you please reproduce the bug, check the 1Password app's logs and let us know if you see any lines related to ssh? You can find the logs under Help -> Troubleshooting -> Open logs folder, then opening the log file that has CURRENT in its name.

Thanks,
Márton

floris_1P
1Password Employee
May 26, 2023

Do the ssh -v logs only show that the key is being offered or also that it has been accepted by the server you're trying to connect to?

So not only:
debug1: Offering public key

But also:
debug1: Server accepts key

MrC
MrCAuthor
May 26, 2023

I'm at version 8.10.7 beta.

Here's what I get:

floris_1P
1Password Employee
May 29, 2023

Looking at the -v logs, it seems that the server never accepted the public key. Are you sure the public key is correctly configured in the server's authorized_keys file?

MrC
MrCAuthor
May 29, 2023

@floris_1P

That was exactly the issue. For some reason, my brain was stuck in magic thinking mode. I'd thought 1Password's agents were conveying the credentials, and the server was picking up my private key within the id_ed25519 file itself. I haven't used key-based authorizations in a few decades, and clearly forgot all the details.

Perhaps some instructions about how to set this up might be useful. The info I've read only focuses on Github authorizations.

Thanks.