It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
linux
40 TopicsStatically link ARM64 for use on Alpine phone
Hi there, I'm trying to get 1password running on PostmarketOS. The challenge is it's Alpine Linux based, so it uses musl libc instead of glibc. It seems that the arm64 build of 1password (including the beta) is looking for glibc symbols, and installing gcompat is not enough (gcompat really only works for very simple binaries). The normal suggestions of using containers to run glibc binaries on Alpine aren't good for extremely resource constrained systems like old linux phones. Password manager support from a multi-platform provider is a pretty big hole in the linux phone market right now, and this would make a big impact. Your linux features would be extremely useful on a linux phone, particularly unlocking 1password with the system secret store. Any possibility of shipping a statically linked build for arm64/aarch64? I'm a developer myself, and can provide you with more information if you need it.4Views0likes0CommentsFingerprint sensor support on remote systems?
Hello, maybe I missed something. Hence, I am asking before buying a new Mac Keyboard with sensor ... I use 1Password for: local stuff on my Mac on remote systems over ssh Visual Studio Code (VSC) remote over ssh VSC Docker devcontainers on remote Linux systems (In VSC open a folder on a remote system, open the project folder in docker devcontainers) Typing in the vault password is a cumbersome thing, when done too often, and restarting and rebuilding the containers, are new shells / terminals requesting entering the 1Password vault password often. Hence, I am looking for a way to make this simpler and hoped for support of the fingerprint sensor on remote systems.14Views0likes1CommentNew Feature Request: Copy Item Reference
When we right click on a secret there's a function called "Copy Secret Reference" in a UI application. We need similar thing to copy item title as "Copy Title Reference"... ex: Vault: STAGING Title: PROD_URL Copy reference will return "op://STAGING/PROD_URL" Believe me people need this.21Views0likes2CommentsNew: JWT Decoding Support
Hi all, Just released today, you can now decode JWT (JSON Web Tokens) directly in the 1Password desktop app. No more do you have to dump your tokens into websites. Learn more about it in the announcement post. What other things can we add to help ease your development flow?10Views0likes0CommentsHow do I use the SSH agent in headless Linux?
I want to clone a Git repository that needs SSH authorization. On my desktop this is straightforward: I have the 1Password app installed and the SSH agent enabled in its settings. git clone with an SSH URL makes the desktop app prompt me for approval and I get connected properly. However I want to clone a repository in a Debian Linux LXC. It does not have any GUI installed; I can only connect to it via a shell. I have the 1Password CLI app op installed and connected properly because op vault list works. However I cannot use the SSH agent: # ssh-add -l Could not open a connection to your authentication agent. My ~/.ssh/config looks like: Host * IdentityAgent ~/.1password/agent.sock More context about my CLI installation which is installed from the 1Password Debian repository: # apt info 1password-cli Package: 1password-cli Version: 2.31.1-2 Maintainer: 1Password <support@1password.com> Installed-Size: unknown Homepage: https://agilebits.com/ Vendor: 1Password <support@1password.com> Download-Size: 6729 kB APT-Manual-Installed: yes APT-Sources: https://downloads.1password.com/linux/debian/amd64 stable/main amd64 Packages Description: The official 1Password command-line tool. # op --version 2.31.1 I don't have a ~/.1password directory so the agent is not set up or not running. How can I get it running without a GUI to approve its use?Solved130Views0likes4CommentsFeature Request - Access vault from inside docker container
Background At our work, we spawn a Docker container that contains the tooling required to build our Yocto-based OS image. We want to pull a key from our shared 1Password vault and inject it into our OS image. Developers all have the op plugin installed and are logged in to their accounts. Problem If we install the op CLI inside the Docker image, developers have to log in to their account again when they spawn the container to get access to the vault. This is cumbersome. Our workaround is to have developers run a script before spawning the container that opens the vault on their host machine, accesses the vault through the op CLI, and grabs the key. We currently write it to disk on the host and mount that into the Docker container, which is a potential security vulnerability that we'd like to avoid. Proposed Solution I'd like to install the op plugin into our builder Docker image and access the op CLI from the host. We can do that for things like SSH - we mount the SSH_AUTH_SOCK into the container and it just proxies requests back into the host. Could there be a domain socket for the op CLI to allow us to do something similar? Similar Requests Feature Request: First-Class Support for Dev Containers and 'op' CLI | 1Password Community - but not just for devcontainers, more generic.99Views0likes8CommentsConnection reset when `podman login` runs `op`
I've set up a https://linuskarlsson.se/blog/podman-credential-helpers/ which runs `op read 'op://[redacted]'` internally. When I run the helper program in a terminal it works fine, prompts for the password if necessary, and prints the credentials. But when running `podman login` in the same terminal it fails with the following error: [ERROR] 2025/07/23 16:22:20 could not read secret 'op://[redacted]': error initializing client: connecting to desktop app: read: connection reset, make sure 1Password CLI is installed correctly, then open the 1Password app, select 1Password > Settings > Developer and make sure the 'Integrate with 1Password CLI' setting is turned on. If you're still having trouble connecting, visit https://developer.1password.com/docs/cli/app-integration#troubleshooting for more help. I've verified that the setting is turned on (running the helper program directly wouldn't work otherwise). I'm running `op` version 2.31.0.76Views1like10Commentsopenv – A simple CLI tool to wrap commands with 1Password secrets from .env
Hey folks, 👋 I just released a new version of a small command-line tool I’ve been working on called openv. 💡 What it does: It automatically wraps selected dev commands (like npm dev, pnpm run, etc.) with op run, if your project’s .env file contains op:// secrets from 1Password. So instead of manually writing: run --env-file=.env -- npm run dev You can just type, as you would normally do: npm run dev And it will be wrapped automatically via a shell hook. 🧠 Why I built it: This started as a personal tool because I kept forgetting to wrap my dev commands with op run, and I wanted a smoother experience that "just works" based on .env contents. It hooks into ZSH (likely direnv), with support for allow/deny patterns (e.g., only wrap certain commands like pnpm start). 🛠️ Tech: Written in Rust Works in ZSH, Bash, and Fish Installable via Homebrew Fully local 🧪 Notes: This is an early release, mainly developed for my personal use. I’m sharing it here in case others find it useful. Feedback, issues, or even feature ideas are very welcome — but no pressure! GitHub: https://github.com/andrea11/openv Thanks for reading — and happy coding! 🚀114Views0likes2Comments