
Support for multiple ssh agents

Open fflaten opened this issue 2 years ago • 1 comments

1Password recently added support for storing SSH keys in the password manager, using an included ssh agent that allows users to securely approve each request for the keys.

From what I understand from their docs though, it seems like Win32-OpenSSH is currently hardcoded to always use the default \\.\pipe\openssh-ssh-agent pipe and does not respect IdentityAgent values in .ssh/config, which would allow users to use the 1Password ssh-agent (and vault) for keys used in specific connections only.

Any plans to support this in the future?

Please correct me if I've misunderstood this. 😄

fflaten, Mar 17 '22 17:03

This issue is a bit older, but since I've just run into the same thing I will give my feedback.

My understanding is that Windows does not have "socket" files as UNIX/Linux does. Instead it uses named pipes. 1Password actually works with Windows by starting its own ssh-agent that creates the openssh-ssh-agent pipe (make sure to disable the "official" service, in case 1Password didn't do it).

My issue, however, was that I had Git for Windows installed with its own OpenSSH installation, which caused 1Password to not work (since that OpenSSH installation was not using the named pipe but mingw64's UNIX sockets). Reinstalling Git for Windows and selecting the option to use the Windows OpenSSH installation fixed my issues with 1Password not working.

MaxBosse, Jun 01 '22 09:06
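A way to check for the mismatch described in the comment above, as an added example that is not part of the thread or of either project: it lists which `ssh.exe` a bare `ssh` resolves to, what Git is configured to use, and whether the `openssh-ssh-agent` pipe and the Windows `ssh-agent` service are present. The install paths it matches against are assumed defaults.

```powershell
# Added diagnostic sketch. Only the pipe name comes from the thread; the install
# paths matched below are assumed default locations.
$pipeName = 'openssh-ssh-agent'

# 1. Every ssh.exe on PATH, in resolution order. The first entry is what "ssh" runs.
$sshBinaries = @(Get-Command ssh.exe -All -CommandType Application -ErrorAction SilentlyContinue)
$sshBinaries | ForEach-Object {
    $kind = if ($_.Source -like "$env:SystemRoot\System32\OpenSSH\*") { 'Windows OpenSSH' }
            elseif ($_.Source -like '*\Git\usr\bin\*') { 'Git for Windows bundled' }
            else { 'other' }
    [pscustomobject]@{ Path = $_.Source; Kind = $kind }
} | Format-Table -AutoSize

# 2. What Git itself is told to use (empty output means Git falls back to its default).
"GIT_SSH env var     : $env:GIT_SSH"
if (Get-Command git.exe -ErrorAction SilentlyContinue) {
    "core.sshCommand     : $(git config --get core.sshCommand)"
}

# 3. Does the named pipe exist? Enumerating the pipe namespace avoids opening the pipe.
$pipeExists = [System.IO.Directory]::GetFiles('\\.\pipe\') -contains "\\.\pipe\$pipeName"
"Pipe $pipeName exists : $pipeExists"

# 4. State of the Windows ssh-agent service, which competes for the same pipe name.
$svc = Get-Service -Name ssh-agent -ErrorAction SilentlyContinue
if ($svc) { "ssh-agent service   : $($svc.Status), start type $($svc.StartType)" }
else      { 'ssh-agent service   : not installed' }

# 5. Flag the two situations the comment describes.
if ($sshBinaries.Count -gt 0 -and
    $sshBinaries[0].Source -notlike "$env:SystemRoot\System32\OpenSSH\*") {
    Write-Warning "First ssh.exe on PATH is not Windows OpenSSH; it may not use the named pipe."
}
if ($svc -and $svc.Status -eq 'Running') {
    Write-Warning "Windows ssh-agent service is running; another agent cannot own the same pipe."
}
```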

@MaxBosse

> My understanding is that Windows does not have "socket" files as UNIX/Linux does. Instead it uses named pipes. 1Password actually works with Windows by starting its own ssh-agent that creates the openssh-ssh-agent pipe (make sure to disable the "official" service, in case 1Password didn't do it).

This used to be the case many, many moons ago. Windows 10 has supported Berkeley Domain Sockets for a good time now, but they haven't changed their fork of SSH to take advantage of it.

Not having three different SSH-Agent protocols (BDS, Pageant, and weird named-pipe) would be a big step forward.

Here's the "Issue".

jamiehankins, Oct 14 '22 23:10