fix: SSH signing/auth fallback fails in Claude Code remote sessions #12
Description
Problem
When connected to a Mac remotely via Claude Code (or similar tools), the SSH signing wrapper at ~/.config/git/ssh-sign and the SSH agent auth both fail because:
-
Signing wrapper checks
SSH_CONNECTION/SSH_CLIENTenv vars to decide whether to use the 1Password agent or the fallback key. Claude Code doesn't set these vars even when the user is remote — so the wrapper tries 1Password, which can't do biometric approval remotely, and fails withcommunication with agent failed. -
SSH transport for
git pushalso routes through the 1Password SSH agent. When it's unresponsive, there's no automatic fallback to the remote signing key for authentication — only signing has a fallback path. -
The fallback key (
~/.ssh/id_ed25519_remote) is only registered with GitHub as a signing key, not an authentication key. So even when forced viaGIT_SSH_COMMAND, GitHub rejects it.
What happened
During a Claude Code session, git commit and git push both failed. Had to work around it by:
- Committing with
-c user.signingkey=~/.ssh/id_ed25519_remote - Pushing via HTTPS (
git push https://github.com/...) since SSH auth was dead
Fix needed
- Register
id_ed25519_remoteas both a signing AND authentication key on GitHub - Update
ssh-signwrapper to detect Claude Code sessions (check forCLAUDE_CODEenv var or absence of a TTY) as a fallback trigger - Add SSH config fallback:
IdentityFile ~/.ssh/id_ed25519_remoteas a secondary identity forgithub.comso SSH transport works when 1Password is unavailable - Or: configure git to fall back to HTTPS protocol when SSH agent is unresponsive