Hacker News new | ask | show | jobs
by adventureadmin 1579 days ago
How does it work with with `~/.ssh/config`? Mainly, say I have keys in the vault for many machines, if they all get added to the 1password ssh-agent sock, won't you get "Too Many Auth failures", unless there is a way to pair the key to a `Host`? Maybe `~/.ssh/config` can pair keys to a `Host` by fingerprint instead of file?
2 comments
petepete 1579 days ago
I use a Keybase encrypted git repo called secrets, it contains my ssh keys, config, pgpass and a few other files.

I use stow to install them on a computer when I'm setting one up.

Haven't run into any problems with this approach, my Keybase is protected with a Yubikey.

link
zrail 1579 days ago
The documentation covers that.

tl;dr: you can pin public keys to hosts

https://developer.1password.com/docs/ssh/agent/advanced#ssh-...

link
adventureadmin 1579 days ago
Ahh, well that's still an improvement, but it would be nice to not have to download anything.
link