SSH Agent forwarded to Docker container only attempts to use the first SSH key

Dedicated Contributor

2 months ago

I believe with the default configuration, 1Password SSH Agent prompts for a key when the key is requested (like any other SSH Agent). If you want a specific key, you'll need to specify the key, either in the ~/.ssh/config file or via the command line ("ssh -i identity_file").

What I find works best with 1Password SSH Agent, is to store the PUBLIC keys as identify files (e.g. "~/.ssh/config/id_ed25519.pub") and then in ~/.ssh/config set the identity file to the public key via "IdentityFile ~/.ssh/id_ed25519.pub".

This has two advantages:

no need to store the private key on disk
easy to configure specific key to use

If you really want to configure 1Password SSH Agent to only allow access to specific keys, it's possible to configure it via 1Password https://developer.1password.com/docs/ssh/agent/config.

However, I find it best to stick with basic SSH config for broader compatibility.

Forum Discussion

SSH Agent forwarded to Docker container only attempts to use the first SSH key

Featured discussions

Developer newsletter: May 2026

Recent discussions

Linux beta breaks git signing - removes execute bit on op-ssh-sign

Add more detail to CLI access request modal

Feature Request: Remote approval for op CLI / desktop prompts to support Agentic Workflows

1Password Environments should enable grouping environments by service

What are Events in https://<base_url>/api/v1/itemusages and https://<base_url>/api/v1/signinattempts