macOS + 1Password SSH agent forwarding + Nushell not working with k3sup

[Nezteb]

Why do you need this?

Wild title, I know. I've done my best to isolate the issue to something with k3sup

I'm trying to use k3sup on a VPS. I use the 1Password SSH agent and it works great with both SSH connections and git SSH signing. When invoking a command that queries the active SSH agent, a 1Password popup prompts for auth and then will send the key to the requesting application.

The odd part is that while both zsh and Nushell (nu) have working SSH agent forwarding with the 1Password SSH agent, only in Nushell does k3sup fail to pull from the SSH agent. Instead, k3sup defaults to trying to use ~/.ssh/id_rsa despite that file not existing on my machine:

Error: unable to load the ssh key with path "/Users/noah/.ssh/id_rsa": unable to read file: /Users/noah/.ssh/id_rsa, open /Users/noah/.ssh/id_rsa: no such file or directory

To recap:

	zsh	nushell
ssh agent forward	works	works
k3sup install	works	doesn't work

Also my SSH configs are the same for both shells.

Expected Behavior

I'd like k3sup to behave on nu just as it does with zsh.

Current Behavior

Using k3sup in nu fails to read from the SSH agent and tries to read the non-existent ~/.ssh/id_rsa key.

Possible Solution

I don't know if a change needs to happen in nu, k3sup, or both. The only reason I'm making this issue here and not in the Nushell repo is because normal SSH agent forwarding works with nu.

As far as the code, cmd/install.go:383 is being hit so somehow initialSSHErr is being set to a non-nil value.

Steps to Reproduce

1. Verify that SSH forwarding works for both zsh and nu:

laptop  > ssh root@my.vps
my.vps > ssh -T git@github.com
Hi Nezteb! You've successfully authenticated, but GitHub does not provide shell access.

2. In zsh, run k3sup install --cluster --user root --host $VPN_HOST --k3s-channel stable. Verify it works and triggers the 1Password prompt.
3. In nu, run the same command. Notice error:

Error: unable to load the ssh key with path "/Users/noah/.ssh/id_rsa": unable to read file: /Users/noah/.ssh/id_rsa, open /Users/noah/.ssh/id_rsa: no such file or directory

Your Environment

• k3sup version:

Version: 0.13.3
Git Commit: 0903a7d

• What Kubernetes distribution, client and server version are you using?

Client Version: v1.27.4
Kustomize Version: v5.0.1
Server Version: v1.27.4+orb1

• What OS or type or VM are you using for your cluster? Where is it hosted? (for k3sup install/join):

Hetzner Cloud (Debian 11) with public IP and and SSH access via SSH key

• Operating System and version (e.g. Linux, Windows, MacOS):

macOS 14.1 (Sonoma) [arm64]
Nushell 0.85.0

Do you want to work on this?

Subject to design approval, are you willing to work on a Pull Request for this issue or feature request?

• Yes
• Yes, though I don't know Go well enough, but I'll gladly follow as many debugging steps as possible
• No

Additional Context

I found a couple similar issues/PRs, but they're old so I imagine they aren't relevant:

• Add support for Smart Cards/pre-configured agents. #311
• Transparently use ssh-agent on linux/darwin #312

[alexellis]

Hi @Nezteb

Thanks for your interest in k3sup.

I don't have time to investigate niche shells such as nushell, the main thing is that it's working as advertised for bash, which is what I'm happy to support, and if zsh also works, that's an added bonus.

Feel free to go wild, and if you can find out why nushell doesn't conform, raise an issue with their project, or fork k3sup and play around until you can make it work.

Alex

[oleksii-kalinin]

It's not only zsh issue, the issue that k3sup doesn't use ssh-agent