Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

Former Member's avatar
Former Member
3 years ago

SSH to EC2 - `agent refused operation`

I have a problem with accessing an EC2 instance using a private key stored in my private vault.

Steps:

  1. Update ~/.ssh/config with a host i.e.


Host random-host
HostName random-host.com
User ec2-user
IdentityAgent "~/Library/Group Containers/2BUA8GG42C.com.1password/t/agent.sock"

  1. Try to ssh to random-host

1password app prompts to 'Allow Access'

  1. This results in:

sign_and_send_pubkey: signing failed for RSA "random-host" from agent: agent refused operation ec2-user@random-host.com: Permission denied (publickey)

  1. When I list all of the keys available to the agent:

ssh-add -l

The agent has no identities.

Can you help? Not sure which steps I have missed?

Thanks, Matt


1Password Version: Not Provided
Extension Version: 8.6.0
OS Version: Not Provided

  • floris_1P's avatar
    floris_1P
    Icon for 1Password Team rank1Password Team

    Do you see anything appear in the logs when you run the SSH command? On macOS: ~/Library/Group Containers/2BUA8C4S2C.com.1password/Library/Application Support/1Password/Data/logs/1Password_rCURRENT.log

  • dc240's avatar
    dc240
    New Contributor

    I too am getting this error, but only to one ssh server. All others work with the 1P8 agent. remote server configs are the same (sshd_config/ pam.d/sshd)

    error log:
    ERROR 2022-03-17T08:54:31.638 tokio-runtime-worker(ThreadId(12)) [1P:/Users/builder/builds/BhfSvM9x/0/dev/core/core/ssh/op-ssh-agent/src/lib.rs:377] Error handling sign request: Key(signing with ssh-rsa is unsupported; SHA-1 may be insecure)

    MacOS 12.3
    1p 8.7 80700004, on NIGHTLY channel

  • floris_1P's avatar
    floris_1P
    Icon for 1Password Team rank1Password Team

    dc240 The latest 1Password beta now has support for ssh-rsa connections. Can you see if it works now?