Protect what matters – even after you're gone. Make a plan for your digital legacy today.
SSH agent isn't working (Windows 11)
I can't use my vault's SSH keys on my terminal. I've reinstalled multiple times and followed the https://developer.1password.com/docs/ssh/get-started/, but I can't make it work correctly. My 1Password config is set up as follows: I've disabled the OpenSSH Authentication Agent (the screenshot is in spanish) My ~/.ssh/config file: Host * IdentityAgent "~/.1password/agent.sock" My ~/.gitconfig file: [core] sshCommand = ssh.exe autocrlf = input [user] email = {email} name = {user} signingkey = ssh-ed25519 AAA[...] [gpg] format = ssh [gpg "ssh"] program = C:\\Users\\{user}\\AppData\\Local\\1Password\\app\\8\\op-ssh-sign.exe [commit] gpgsign = true Whenever I run ssh-add -L my vault's SSH keys are shown, but I can't seem to make it work with GitHub or connect to any SSH connection. ❯ ssh-add -L ssh-ed25519 AA[...] Authentication & Signing (Git) ssh-ed25519 AA[...] Authentication ❯ ssh -Tv git@github.com OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2 debug1: Reading configuration data C:\\Users\\{user}/.ssh/config debug1: C:\\Users\\{user}/.ssh/config line 1: Applying options for * debug1: Connecting to github.com [140.82.116.4] port 22. debug1: Connection established. debug1: identity file C:\\Users\\{user}/.ssh/id_rsa type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_rsa-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ecdsa type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ecdsa-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ecdsa_sk type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ed25519 type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ed25519-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ed25519_sk type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_ed25519_sk-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_xmss-cert type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\{user}/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_9.5 debug1: Remote protocol version 2.0, remote software version 133e47a51 debug1: compat_banner: no match: 133e47a51 debug1: Authenticating to github.com:22 as 'git' debug1: load_hostkeys: fopen C:\\Users\\{user}/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU debug1: load_hostkeys: fopen C:\\Users\\{user}/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory debug1: Host 'github.com' is known and matches the ED25519 host key. debug1: Found key in C:\\Users\\{user}/.ssh/known_hosts:3 debug1: ssh_packet_send2_wrapped: resetting send seqnr 3 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: ssh_packet_read_poll2: resetting read seqnr 3 debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: get_agent_identities: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_rsa debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_ecdsa debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_ecdsa_sk debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_ed25519 debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_ed25519_sk debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_xmss debug1: Will attempt key: C:\\Users\\{user}/.ssh/id_dsa debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: C:\\Users\\{user}/.ssh/id_rsa debug1: Trying private key: C:\\Users\\{user}/.ssh/id_ecdsa debug1: Trying private key: C:\\Users\\{user}/.ssh/id_ecdsa_sk debug1: Trying private key: C:\\Users\\{user}/.ssh/id_ed25519 debug1: Trying private key: C:\\Users\\{user}/.ssh/id_ed25519_sk debug1: Trying private key: C:\\Users\\{user}/.ssh/id_xmss debug1: Trying private key: C:\\Users\\{user}/.ssh/id_dsa debug1: No more authentication methods to try. git@github.com: Permission denied (publickey). One thing I noticed is that the folder .1password with the agent.sock file is not being created on my %USERPROFILE% folder. ❯ cd ~ && lsd -la | findstr ".1password" {empty} I installed lsd (chocolatey) on windows btw
Azure container app provisioning not working
It used to work on 2.9.6 version. But it broke aswell after a couple of months. I read somewhere that the version needs to be up-to-date to have the provisioning work. Now after upgrading to 2.9.9 the SCIM bridge site is all green but no information is being brought in to 1password. I tried to search for a fix but I just cant figure out what the problem is.
authorization timeout when using CLI
I'm trying to use the 1password CLI to automate some password retrieval tasks etc, however, I'm noticing that after the first couple of auths I start receiving authorization timeout errors. Debug mode output: op vault list --debug 10:15AM | DEBUG | Session delegation enabled 10:15AM | DEBUG | NM request: NmRequestAccounts 10:15AM | DEBUG | NM response: Success 10:15AM | DEBUG | NM request: NmRequestAccounts 10:15AM | DEBUG | NM response: Success 10:15AM | DEBUG | account not signed in, filter= latest_signin_user= 10:15AM | DEBUG | NM request: NmRequestAccounts 10:15AM | DEBUG | NM response: Success 10:15AM | DEBUG | NM request: NmRequestAuthorization [ERROR] 2025/07/11 10:16:41 authorization timeout We use Okta SSO for authentication for 1password; when I first connect I get prompted to open the 1Password app, and auth as normal, and then the cli behaves ok. If I wait a few minutes after doing this and open a new terminal and try to run these commands again I get the authorization timeout. Any ideas what the issue might be and next steps to troubleshoot?
Service Account Permissions Issue: Vault Access Restricted to Read-Only
Hi all, I'm having trouble with the permissions of the service account. Even though I grant it read, write and share permissions on a vault when creating the service account, the account is actually created with read-only permissions. This is evident both from the attached image and from the code I am running (Python SDK) which can access the vault for reading, but not for writing. The error I am getting is: you do not have the right permissions to perform this action: not sufficient permissions for the item update operation I also tried to create the service account again with all the necessary permissions, but the problem persists, even though I grant it permission to create vaults. I have no idea what it could be or what else I could try. Thanks
