gclawes
New Contributor
3 years ago

Feature request: forward op cli socket over SSH

Running op CLI on a remote server in the absence of the desktop app requires storing the account secret on that server on the filesystem in cleartext:

$ cat ~/.config/op/config
{
  "latest_signin": "my",
  "device": "[REDACTED]",
  "accounts": [
    {
      "shorthand": "my",
      "accountUUID": "[REDACTED]",
      "url": "https://my.1password.com",
      "email": "[REDACTED]",
      "accountKey": "[REDACTED]",
      "userUUID": "[REDACTED]",
      "dsecret": "[REDACTED]"
    }
  ]
}

With the right filesystem permissions this can be reasonably secure, but not as secure as the local desktop app.

It would be useful if the op tool had an agent-socket-forwarding mechanism similar to SSH agent forwarding, allowing the op binary on a remote server to communicate with the local 1Password Desktop instance over an SSH connection.

This is not the same as forwarding the 1Password ssh-agent socket over SSH; this would be a separate socket for op CLI operations.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: macOS, Windows, Linux
Browser: Not Provided
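
A check for the "right filesystem permissions" case the post describes, as an added example that is not part of the original post and not 1Password's code. It assumes owner-only modes (0600 on the file, 0700 on its directory) are the target; the sample config values are constructed placeholders.

```python
import json
import os
import stat
import sys

# Fields in the posted config that hold long-lived secrets.
SECRET_FIELDS = ("accountKey", "dsecret")

# Constructed sample mirroring the structure shown in the post (placeholder values).
SAMPLE_CONFIG = {
    "latest_signin": "my",
    "accounts": [{"shorthand": "my", "url": "https://my.1password.com",
                  "accountKey": "PLACEHOLDER", "dsecret": "PLACEHOLDER"}],
}


def audit_op_config(path):
    """Return findings for an op CLI config file: loose modes, wrong owner, stored secrets."""
    findings = []
    path = os.path.abspath(path)
    # Assumption: owner-only access (0600 file, 0700 directory) is the target.
    for target, want in ((path, 0o600), (os.path.dirname(path), 0o700)):
        st = os.stat(target)
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o077:
            findings.append(f"{target}: mode {mode:04o} allows group/other access, want {want:04o}")
        if st.st_uid != os.geteuid():
            findings.append(f"{target}: owned by uid {st.st_uid}, not the current user")
    with open(path, encoding="utf-8") as fh:
        config = json.load(fh)
    for account in config.get("accounts", []):
        present = [f for f in SECRET_FIELDS if account.get(f)]
        if present:
            # Report field names only, never the values.
            findings.append(f"account {account.get('shorthand')!r}: {', '.join(present)} stored in cleartext")
    return findings


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/.config/op/config")
    results = audit_op_config(target)
    print("\n".join(results) or "no findings")
    sys.exit(1 if results else 0)
```

Even with tight modes the secret-at-rest finding remains, which is the gap the requested socket forwarding would close.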
