Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
SSH key randomly stopped working -- user@host.com: Permission denied (publickey).
I love 1password and its SSH agent capability is a joy to use. However, since today I've experienced the error:
```
my-pc% ssh mailto:user@host.com
mailto:user@host.com: Permission denied (publickey).
my-pc% ssh-add -l
Could not open a connection to your authentication agent.
```
SSH is enabled in 1password's settings. The contents of my SSH config file is as instructed in documentation:
```
~/.ssh/config
Host *
IdentityAgent ~/.1password/agent.sock
```
Turning the SSH agent off and on gives these logs:
```
$XDG_CONFIG_HOME/1password/logs/1Password_rCURRENT.log
INFO 2023-03-25T21:41:36.081 ThreadId(10) [client:typescript] Client starting.
INFO 2023-03-25T21:41:36.170 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:285] Starting IPC listener on 1Password-BrowserSupport
INFO 2023-03-25T21:41:36.171 ThreadId(10) [1P:op-localization/src/lib.rs:226] system locale detected as 'en-GB'
INFO 2023-03-25T21:41:36.171 ThreadId(10) [1P:op-localization/src/lib.rs:252] selected translations for EN_US based on detected locale en-GB
INFO 2023-03-25T21:41:36.171 ThreadId(10) [status:op-app/src/app.rs:450] App::new(1Password for Linux/81003012 (EN_US), /home/$USER/.local/config/1Password/1password.sqlite)
INFO 2023-03-25T21:41:36.171 tokio-runtime-worker(ThreadId(7)) [1P:native-messaging/op-native-core-integration/src/lib.rs:297] Active native core integration is awaiting messages
INFO 2023-03-25T21:41:36.171 ThreadId(10) [1P:data/op-db/src/db.rs:123] Starting DB at version: 26
INFO 2023-03-25T21:41:36.173 ThreadId(10) [1P:ssh/op-ssh-config/src/lib.rs:219] agent configured
ERROR 2023-03-25T21:41:36.173 ThreadId(10) [1P:ffi/op-core-node/src/lib.rs:63] Attempted to notify uninitialized App
ERROR 2023-03-25T21:41:36.173 ThreadId(10) [1P:ffi/op-core-node/src/lib.rs:63] Attempted to notify uninitialized App
INFO 2023-03-25T21:41:36.174 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/google-chrome/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.174 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/google-chrome-beta/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.175 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/google-chrome-unstable/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.175 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/chromium/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.175 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/microsoft-edge-dev/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.175 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/BraveSoftware/Brave-Browser/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/vivaldi/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.local/config/vivaldi-snapshot/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome-beta/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/google-chrome-unstable/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/chromium/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/microsoft-edge-dev/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.217 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/BraveSoftware/Brave-Browser/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.218 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/vivaldi/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.218 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.config/vivaldi-snapshot/NativeMessagingHosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.218 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:68] Created NMH manifest at /home/$USER/.mozilla/native-messaging-hosts/com.1password.1password.json
INFO 2023-03-25T21:41:36.218 op_executor:invocation_loop(ThreadId(20)) [1P:native-messaging/op-nm-installer/src/nix_utils.rs:83] Successfully installed all native messaging manifests.
INFO 2023-03-25T21:41:36.218 tokio-runtime-worker(ThreadId(6)) [1P:ssh/op-agent-controller/src/desktop.rs:409] SSH Agent has started.
INFO 2023-03-25T21:41:44.190 tokio-runtime-worker(ThreadId(1)) [1P:data/op-account-ext-items/src/lib.rs:225] loaded 553 items in 7 vaults for account: FEPEWI3CDNGV3GGPXJFK7ST7SA
INFO 2023-03-25T21:41:44.194 op_executor:invocation_loop(ThreadId(20)) [1P:op-app/src/app/backend/unlock.rs:122] Lock state changed: Unlocked
INFO 2023-03-25T21:41:44.195 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:303] Setting has been toggled on/off, restarting native core integration
INFO 2023-03-25T21:41:44.195 tokio-runtime-worker(ThreadId(6)) [1P:native-messaging/op-native-core-integration/src/lib.rs:285] Starting IPC listener on 1Password-BrowserSupport
INFO 2023-03-25T21:41:44.195 tokio-runtime-worker(ThreadId(1)) [1P:native-messaging/op-native-core-integration/src/lib.rs:297] Active native core integration is awaiting messages
INFO 2023-03-25T21:41:45.628 tokio-runtime-worker(ThreadId(8)) [1P:op-syncer/src/sync_job.rs:291] synced account FEPEWI3CDNGV3GGPXJFK7ST7SA (0.129731279s)
INFO 2023-03-25T21:41:45.628 tokio-runtime-worker(ThreadId(8)) [1P:data/op-file-transfer/src/lib.rs:565] find_and_complete_pending_uploads: 'FEPEWI3CDNGV3GGPXJFK7ST7SA'
INFO 2023-03-25T21:41:45.923 tokio-runtime-worker(ThreadId(3)) [1P:data/op-account-ext-syncer/src/lib.rs:250] The B5 Notifier for (FEPEWI3CDNGV3GGPXJFK7ST7SA) has connected, now monitoring for events.
INFO 2023-03-25T21:41:52.938 tokio-runtime-worker(ThreadId(3)) [1P:ssh/op-agent-controller/src/desktop.rs:409] SSH Agent has started.
INFO 2023-03-25T21:41:55.481 op_executor:invocation_loop(ThreadId(20)) [1P:op-app/src/app/backend/frontend.rs:27] Front end event: window closed
```
1password is (as of writing) fully up-to-date, as is the rest of my system:
```
my-pc% sudo pacman -Syu
:: Synchronising package databases...
core is up to date
extra is up to date
community is up to date
:: Starting full system upgrade...
there is nothing to do
theo-pc% yay -Sua
:: Searching AUR for updates...
-> Flagged Out Of Date AUR Packages: firefox-appmenu-bin wiibafu
there is nothing to do
```
What could be going on here?
1Password Version: 1Password for Linux 8.10.3 (81003012)
OS Version: Arch Linux (rolling release)
5 Replies
floris_1P1Password Team
Glad you got it working again 👍
Okay, it's sorted. I had accidentally deleted my home directory last session (I wasn't using it for anything so it wasn't an obvious mistake) and so with it the
.sshfolder disappeared, wiping the authorised keys file. Restoring the file with my SSH public key resolved the issue. Sorry for wasting your time, but hopefully this will serve to help anyone else who ever has this issue.```
OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /home/user/.ssh/config
debug1: /home/user/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to host.com [IP.IP.IP.IP] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/user/.ssh/id_xmss type -1
debug1: identity file /home/user/.ssh/id_xmss-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1 Debian-5+deb11u1
debug1: compat_banner: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to host.com:22 as 'user'
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: mailto:chacha20-poly1305@openssh.com MAC:compression: none
debug1: kex: client->server cipher: mailto:chacha20-poly1305@openssh.com MAC:compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:/tC1NzMgwd4Iek+WhI9qRw/TbLXG2ogRVL0QDVUY8fA
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'host.com' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: main SSH key ED25519 SHA256:ILeN0jWD7UB1esK9DNq69Ie+rakdEWKrBDdLWgNAQTs agent
debug1: Will attempt key: /home/user/.ssh/id_rsa
debug1: Will attempt key: /home/user/.ssh/id_ecdsa
debug1: Will attempt key: /home/user/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/user/.ssh/id_ed25519
debug1: Will attempt key: /home/user/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/user/.ssh/id_xmss
debug1: Will attempt key: /home/user/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: main SSH key ED25519 SHA256:ILeN0jWD7UB1esK9DNq69Ie+rakdEWKrBDdLWgNAQTs agent
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/user/.ssh/id_ed25519
debug1: Trying private key: /home/user/.ssh/id_ed25519_sk
debug1: Trying private key: /home/user/.ssh/id_xmss
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: No more authentication methods to try.
mailto:user@host.com: Permission denied (publickey).```
- floris_1P
Could you provide your
ssh -v user@hostoutput?
