Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Use SSH Agent in latest beta without config snippet in ~/.ssh/config
SSH Agent settings are potentially trying to be too smart and/or helpful in the latest beta of 1Password.
I don't keep the config snippet 1Password gives in ~/.ssh/config as I sync my dotfiles across various machines and operating systems.
Instead I place the following in ~/.ssh/config:
Include ~/.local/ssh/config.d/*.conf
And place the snippet 1Password gives in ~/.local/ssh/config.d/1password.conf on each machine which I use 1Password on.
But with the latest beta version of 1Password, the SSH Agent settings are not available until I explicitly place the snippet into ~/.ssh/config. This is rather annoying, as I need to exclude/ignore these lines when syncing my dotfiles between machines.
Hence I'd suggest a manual override/confirm to access full SSH Agent settings even if 1Password seems to think that it's not setup correctly.
Or alternatively, maybe 1Password could start a local SSH server with a built-in authorized key, and attempt to connect to it silently approving the one special built-in key to verify if 1Password's SSH Agent actually gets used. Feels hacky, but would be more reliable with the various ways ssh can be configured.
1Password Version: 8.9.11 (80911014)
Extension Version: Not Provided
OS Version: macOS 13.0.1 (22A400)
Browser:_ Not Provided
2 Replies
floris_1P1Password Team
The SSH config gets parsed for a smooth setup flow, but you guys are totally right that it should not require this check to pass and consequently "lock you out" of your settings. We're working on a fix for this and we'll keep you posted! As a workaround for now, you can indeed add the snippet directly to your
~/.ssh/configfile or move to the stable release channel instead of the beta channel for now.This is worrying - but why does 1pwd even need to parse .ssh/config ? the ssh-agent doesnt need to read .ssh/config unless I'm missing something
Is this just some setup check that doesn't infer? FWIW, I don't have the exact snippet 1pw either suggest in my .ssh/config as not all my keys are stored in 1pw's agent - so some hosts have a different IdentityAgent and no wildcard matching - This seems to be okay on non-beta
@1password please confirm you not about to further cripple this product with the above - with incessant ssh-agent prompting and no ability to toggle "new processes always require approval" us non-macbook non-touchid users are feeling increasingly isolated in the our way or the highway approach of recent
