Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
SSH Agent Forwarding
I'm really enjoying using 1Password as a ssh-agent with biometric unlock. I'm wondering if it's possible forward the SSH agent though.
Scenario:
I have two macs with 1Password setup with biomet...
This is also a problem for me. I have agent forwarding enabled in my ~/.ssh/config. I also have 1Password configured as the IdentityAgent like this:
Host *
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
ForwardAgent yes
When I ssh into my iMac remotely and then attempt to use ssh from there (e.g., via git) the option for IdentityAgent is used (i.e., the locked 1Password as the agent) and NOT the forwarded agent from my local MacBook. I would like the forwarded agent to be used instead of the locked 1Password on my remote iMac.
I suspect this is not a problem specific to 1Password, and instead related to how the OpenSSH options for ForwardAgent and IdentityAgent interact.
Does anyone know of a way to configure the OpenSSH client to prefer the forwarded agent over the configured IdentityAgent?
As a workaround for this I often disable the IdentityAgent option (comment it out in my ~/.ssh/config) when I'm ssh'd in remotely, but this is a pain and not ideal. You could also disable the option via command line but this is also not ideal, and not really possible when ssh is used via git and similar.
