You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: tutorials/sftp_publickeyauth_1password.md
+62-6
Original file line number
Diff line number
Diff line change
@@ -5,17 +5,73 @@ Public-key authentication using 1Password SSH Agent allows you to connect to a r
5
5
- Private key managed by 1Password
6
6
- Public key placed on the server usually by the system administrator
7
7
8
-
1. Ensure you have configured 1Password to manage your SSH keys. For more information, refer to [1Password SSH Agent](https://developer.1password.com/docs/ssh/agent).
9
-
2. Open the OpenSSH configuration file `~/.ssh/config` and add the following configuration specifying to use 1Password as the SSH agent:
8
+
1. Ensure you have configured 1Password to manage your SSH keys. For more information, refer to [1Password SSH Agent](https://developer.1password.com/docs/ssh/agent). Enable the 1Password SSH Agent in _1Password > Settings… > Developer_
This [configuration](https://docs.cyberduck.io/protocols/sftp/#openssh-configuration-interoperability) directive is supported by Cyberduck and Mountain Duck.
17
-
3. In the [Bookmark](../cyberduck/bookmarks.md) or [Connection](../cyberduck/connection.md) panel, select *Use Public Key Authentication*
18
-
4. Select the public key corresponding to your SSH private key saved in 1Password. Typically, it is located in the `~/.ssh` directory.
26
+
Alternatively allow 1Password to add the setting automatically:
This [configuration](https://docs.cyberduck.io/protocols/sftp/#openssh-configuration-interoperability) directive is supported by Cyberduck and Mountain Duck. You can restrict the settings to a single alias in the configuration file instead of matching it for all connections with `*`.
34
+
35
+
4. Create a new SSH key in 1Password and copy the _Public key_ to the clipboard.
36
+
37
+
:::{image} _images/1Password_SSH_Key_Create.png
38
+
:alt: 1Password SSH Key
39
+
:width: 600px
40
+
:::
41
+
42
+
5. Add the public key copied from 1Password to the `authorized_keys` in your `~/.ssh` directory on the server running OpenSSH.
6. Add a new [Bookmark](../cyberduck/bookmarks.md) in Cyberduck or Mountain Duck. Enter the alias from your OpenSSH configuration or the hostname in _Server_. You do **not** need to set a value for _Password_.
49
+
50
+
:::{image} _images/Bookmark_Panel.png
51
+
:alt: Bookmark Panel
52
+
:width: 600px
53
+
:::
54
+
55
+
:::{tip}
56
+
The server may respond with _[Too many authentication failures](../protocols/sftp/index.md#too-many-authentication-failures)_ when trying to authenticate with all keys stored in 1Password. In the [Bookmark](../cyberduck/bookmarks.md) panel, select the public key corresponding to your SSH private key saved in 1Password for *SSH Private Key*. The public key must be available as a file you can write from the clipboard to a file using:
57
+
58
+
```
59
+
pbpaste > ~/.ssh/test.pub
60
+
```
61
+
62
+
Alternatively, add the public key to the OpenSSH configuration file `~/.ssh/config` with the `IdentityFile` directive
63
+
64
+
```
65
+
# Public Key File used to filter identities from SSH agent
66
+
IdentityFile ~/.ssh/test.pub
67
+
```
68
+
69
+
7. Connect to the server and acknowledge the prompt to use the private key stored in 1Password.
0 commit comments