Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Missing op-ssh-sign-wsl on Windows WSL
Hi team. I am trying to use the 1Password SSH Agent with WSL2, but I keep getting this error when SSH is invoked: fatal: cannot exec '/mnt/c/Users/bronze/AppData/Local/1Password/app/8/op-ssh-sign-wsl': No such file or directory error: fatal: failed to write commit object Environment: Windows 10 1Password desktop installed and signed in SSH Agent enabled in 1Password desktop WSL2 (Ubuntu) op installed via the official 1Password page op --version: 2.32.0 Issue: Running SSH inside WSL fails because the binary op-ssh-sign-wsl is missing. Running:ls ~/.1password/agent shows no op-ssh-sign-wsl. op ssh commands are recognized or partially recognized, but signing still fails due to missing binary. What I’ve tried: Reinstalled WSL on Windows. Disabled and Re-enabled SSH Agent on the Windows app Reinstalled 1password-cli inside WSL through the official page Restarted WSL and my machine. Same result: op-ssh-sign-wsl is not created. Thanks in advance.
Use XDG_RUNTIME_DIR for agent.sock
Most distributions now should have good support for using the XDG directory specs, and 1Password successfully does this already for the browser integration. `$XDG_RUNTIME_DIR/1Password-BrowserSupport.sock` In 2025, can we please finally get support for the SSH agent socket to use XDG_RUNTIME_DIR as well? The previous post on this was 4 years ago. https://www.1password.community/discussions/developers/linux-use-xdg-runtime-dir-instead-of-home-1password/139159"Connection Refused" when accessing 1Password ssh-agent within DevContainer
I've been trying to get this to work for a few hours and I'm at a loss for what to do next, so asking for ideas about what the problem could be. My software stack is macOS 26/Tahoe, 1Password 8.11.16, Orbstack (for containers), and VSCode w/DevContainers. I have my SSH keys in 1Password and when executed from the host system, the keys are visible (and SSH works): % SSH_AUTH_SOCK="${HOME}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" ssh-add -l 256 SHA256:... (ED25519) % ssh -T git@github.com Hi <username>! You've successfully authenticated, but GitHub does not provide shell access. I have the DevContainer configuration to bind-mount the socket into the container and set a proper `SSH_AUTH_SOCK` value: "mounts": [ "source=${env:HOME}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock,target=/tmp/ssh-agent-1password.sock,type=bind" ], "remoteEnv": { "SSH_AUTH_SOCK": "/tmp/ssh-agent-1password.sock" }, ... when I am in the container, the socket looks right, `SSH_AUTH_SOCK` is correct, but `ssh-add` fails to connect with an error: root@5a53d7e1c685:/tmp# ls -la ssh-agent-1password.sock srw------- 1 root root 0 Nov 2 16:36 ssh-agent-1password.sock root@5a53d7e1c685:/tmp# echo $SSH_AUTH_SOCK /tmp/ssh-agent-1password.sock root@5a53d7e1c685:/tmp# ssh-add -l Error connecting to agent: Connection refused I've verified that the directory itself IS accessible to docker by changing `source=${env:HOME}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock` to be `source=${env:HOME}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sockk` and restarting the container -- when I do that, the directory `agent.sockk` is created within the directory as expected (which I am interpreting as evidence that Docker can traverse all the way to the directory and create a sub-folder within it). I suspect what is happening is that 1Password is blocking the connection entirely (meaning it isn't a filesystem permissions error or otherwise), but I'm not sure how to prove that is the case or how to fix it if it IS the case. Any ideas for diagnostic steps to take next?
Statically link ARM64 for use on Alpine phone
Hi there, I'm trying to get 1password running on PostmarketOS. The challenge is it's Alpine Linux based, so it uses musl libc instead of glibc. It seems that the arm64 build of 1password (including the beta) is looking for glibc symbols, and installing gcompat is not enough (gcompat really only works for very simple binaries). The normal suggestions of using containers to run glibc binaries on Alpine aren't good for extremely resource constrained systems like old linux phones. Password manager support from a multi-platform provider is a pretty big hole in the linux phone market right now, and this would make a big impact. Your linux features would be extremely useful on a linux phone, particularly unlocking 1password with the system secret store. Any possibility of shipping a statically linked build for arm64/aarch64? I'm a developer myself, and can provide you with more information if you need it.
Fingerprint sensor support on remote systems?
Hello, maybe I missed something. Hence, I am asking before buying a new Mac Keyboard with sensor ... I use 1Password for: local stuff on my Mac on remote systems over ssh Visual Studio Code (VSC) remote over ssh VSC Docker devcontainers on remote Linux systems (In VSC open a folder on a remote system, open the project folder in docker devcontainers) Typing in the vault password is a cumbersome thing, when done too often, and restarting and rebuilding the containers, are new shells / terminals requesting entering the 1Password vault password often. Hence, I am looking for a way to make this simpler and hoped for support of the fingerprint sensor on remote systems.
New Feature Request: Copy Item Reference
When we right click on a secret there's a function called "Copy Secret Reference" in a UI application. We need similar thing to copy item title as "Copy Title Reference"... ex: Vault: STAGING Title: PROD_URL Copy reference will return "op://STAGING/PROD_URL" Believe me people need this.New: JWT Decoding Support
Hi all, Just released today, you can now decode JWT (JSON Web Tokens) directly in the 1Password desktop app. No more do you have to dump your tokens into websites. Learn more about it in the announcement post. What other things can we add to help ease your development flow?Feature Request - Access vault from inside docker container
Background At our work, we spawn a Docker container that contains the tooling required to build our Yocto-based OS image. We want to pull a key from our shared 1Password vault and inject it into our OS image. Developers all have the op plugin installed and are logged in to their accounts. Problem If we install the op CLI inside the Docker image, developers have to log in to their account again when they spawn the container to get access to the vault. This is cumbersome. Our workaround is to have developers run a script before spawning the container that opens the vault on their host machine, accesses the vault through the op CLI, and grabs the key. We currently write it to disk on the host and mount that into the Docker container, which is a potential security vulnerability that we'd like to avoid. Proposed Solution I'd like to install the op plugin into our builder Docker image and access the op CLI from the host. We can do that for things like SSH - we mount the SSH_AUTH_SOCK into the container and it just proxies requests back into the host. Could there be a domain socket for the op CLI to allow us to do something similar? Similar Requests Feature Request: First-Class Support for Dev Containers and 'op' CLI | 1Password Community - but not just for devcontainers, more generic.
Connection reset when `podman login` runs `op`
I've set up a https://linuskarlsson.se/blog/podman-credential-helpers/ which runs `op read 'op://[redacted]'` internally. When I run the helper program in a terminal it works fine, prompts for the password if necessary, and prints the credentials. But when running `podman login` in the same terminal it fails with the following error: [ERROR] 2025/07/23 16:22:20 could not read secret 'op://[redacted]': error initializing client: connecting to desktop app: read: connection reset, make sure 1Password CLI is installed correctly, then open the 1Password app, select 1Password > Settings > Developer and make sure the 'Integrate with 1Password CLI' setting is turned on. If you're still having trouble connecting, visit https://developer.1password.com/docs/cli/app-integration#troubleshooting for more help. I've verified that the setting is turned on (running the helper program directly wouldn't work otherwise). I'm running `op` version 2.31.0.
