Give preference to 1p ssh key defined in git config
Hello. I have multiple github accounts that I need to use at the same time. All my ssh keys are stored in 1p. what I need is when operating under one git repo, to always use the preferred GithubAuth key in that repo as opposed others that may be defined in a different order in the 1p toml file. For example: when working under /git-repo1/ (use GithubKey1) when working under /git-repo2/ (use GithubKey2) when working under /git-repo3/ (use GithubKey3) what i'm finding is that even if i have an identity file defined in the gitconfig, 1p still goes through the list of ssh keys defined in my ssh vault and doesn't give preference to the one defined in the gitconfig. ``` git-repo3 config [core] sshCommand = "ssh -i ~/.ssh/GitHubKey3.pub" ``` Using a 1p toml configuration doesn't really help since I can't really specify folders, only the ordering, which helps somewhat but what I need is to give it preference to the key defined in my git config when pulling/pushing git changes. Does anybody know a way where I can have 1p give preference to keys defined in the gitconfig for each repo? 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
1Password SSH Agent how to set specific ssh key
I have a few different ssh keys that are used for git and would like to have it set so that if going through one github organization i force one key if going to a personal account it uses a different key. Is there any way as part of the IdentityAgent to specify the appropriate key or is the option just to keep cycling through the prompts for ssh keys? 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
Cannot authorize SSH key by Master Password if Touch ID active
When Touch ID is active, the prompt for authorising a SSH key does not also provide the option to enter the master password. This prevents me authorising SSH key prompts if I am on a remote screen share to that computer. The workaround is obviously to turn off Touch ID but it would be best if the authorisation for SSH worked just like the main 1Password authorisation works, with both options being possible. If there is another way around this I would be grateful to know. Thanks. 1Password Version: 8.10.23 Extension Version: 2.18.2 OS Version: macOS 14.2.1 Browser: Chrome
Support for SSH Certificates (2024)
This question came up a couple of times in 2022, but it didn't look like anything was resolved. Since it's been two years... For those unfamiliar with the concept, SSH certificates are host and user public keys, signed by your own internal SSH CA, that ease key approval and distribution, especially in large-scale environments. Once a user has created a public-private key-pair, the public key is signed by an (internal) SSH CA. The user then uses ssh-add to add the public key and, if present, the certificate file to the user's ssh agent. Here is a reasonably good writeup of how SSH certificates work. Using stock ssh-add and ssh-agent on Mac OS 14, we can see the public key and certificate both being added to the agent: $ /usr/bin/ssh-add .ssh/id_ed25519 Enter passphrase for .ssh/id_ed25519: Identity added: .ssh/id_ed25519 (<REDACTED>) Certificate added: .ssh/id_ed25519-cert.pub (chris) A remote host, when properly configured, will verify that my user certificate has not expired (expiration and inception times) and was issued by a trusted CA, whose key would have already been added to the server. This eliminates the need for me to maintain an authorized_keys file on the remote end. I was hoping to be able to store these keys in 1Password. That certainly works; however, 1Password does not support certificates in neither the user interface nor the ssh agent. 1Password derives public keys from private keys but does not provide a way for the user to upload the certificate file, above and beyond attaching an arbitrary file. The ssh agent behind the scenes presumably also does not support certificates. For the moment, I have configured my ssh client to use the stock ssh-agent for the host that uses certificates, while everything else can go through 1Password. Are there any plans to add support to the 1Password user interface and to the underlying ssh agent for certificates? Thanks! 1Password Version: 8.10 Extension Version: Not Provided OS Version: macOS 14.2.1 Browser: Not Provided
Exporting encrypted ssh key not usable
Hi guys, I tried to export an encrypted ssh key, which I generated in 1Password and use this in my SSH Client tool of choice (Server Cat or WebSSH) but the key is not usable, as I get the error "Error parsing private key". If I copy or download the unencrypted key it works fine. I do not think this is the way it should behave. Could you look into it, or let me know how I can do it better? 1Password Version: 8.10.23 Extension Version: Not Provided OS Version: macOS 14.3.1 Browser: Not Provided
Tower git client SSH integration not working
Hi all. Could i please ask for some assistance getting 1Password SSH to work with Tower (git-tower.com). I have 1Password SSH installed and working with Github Desktop, but whenever I try to commit using Tower, I get an fatal: either user.signingkey or gpg.ssh.defaultKeyCommand needs to be configured error. 1Password Version: 1Password for Mac 8.9.12 (80912010) Extension Version: Not Provided OS Version: 13.1 (22C65) Browser:_ ChromeGit Commit Signing with SSH Key (Unverified persists)
Hey, I use the SSH function to save my Github SSH Key in 1Password. I added an SSH key (https://github.com/settings/keys) with 1Password. 1Password created one SSH Key and automatically put the public key into the Github Public Key field. After that, I configured the commit signing and added the snippet (provided by 1Password) into my .gitignore. From that moment on, I thought the signing process would work. But the "Unverified" badge on Github still persists. After some research, I made further attempts like: * Adding "-S" flag to git commit (https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) * Repeated the process described above * Double-checked .gitignore Nevertheless, the problem persists, and I cannot verify my git commits. I hope you can help out. 1Password Version: 1Password for Mac 8.9.10 (80910043) Extension Version: Not Provided OS Version: MacOS 13.0.1 Browser:_ Not Provided
Can't download private key when sharing SSH?
I have an SSH key in 1Password for a shared cloud VM, and I use the password sharing feature to provide it to users that need access to the VM. This has worked great until the most recent time I tried this today. Using the shared link, neither I nor the other person can download the private key (the Copy button does nothing), although the public key and fingerprint copy just fine. I can't find a workaround either as I can't even seem to select the entire field for a normal copy (it's truncated). Is this an issue on the server side? We've tried it on Windows in both Edge and Chrome. 1Password Version: 8.10.45 Extension Version: Not Provided OS Version: Windows 11 Browser: Edge Chromium and Chrome
Allowing "Authorize" button press for SSH keys when Touch ID is enabled
Touch ID support in 1password broke on my machine recently—I fixed it by resetting 1password and now all is well again. But while it was disabled, I noticed that accessing SSH keys while 1password was unlocked only required a simple button press of Authorize rather than having to type the 1password password every time. Like many devs, I use an external keyboard and my laptop is quite far away from where I'm typing. When 1password is unlocked, it's a bit of a pain to have to press the Touch ID button every time I use an SSH key by for example signing a commit or pulling/pushing to GitHub in a new terminal window. Given 1password is unlocked, and I could access the SSH key directly, it feels like having the "Authorize" button and not requiring Touch ID in this situation would be a usability improvement without sacrificing security? 1Password Version: 8.10.34 Extension Version: Not Provided OS Version: MacOS 14.5 Browser: Not Provided
