Protect what matters – even after you're gone. Make a plan for your digital legacy today.
WSL2 + 1Password CLI
I have a WSL2 system set up with NixOS where I used to be able to use shell plugins (primarily the `gh` tool for GitHub) - but today it is not working, throwing an error message: [ERROR] 2025/12/27 22:35:25 Shell Plugins can only be used with the 1Password app integration enabled. To learn more about this feature, check out: https://developer.1password.com/docs/cli/about-biometric-unlock/ This used to work - but unfortunately I don't know exactly _when_ it stopped working, I use the VM sporadically. Config: $ op plugin inspect ? Choose which CLI configuration to inspect: gh (GitHub) GitHub CLI Configured Aliases ✔ Alias for "gh" configured ✔ Aliases sourced (/home/gac/.config/op/plugins.sh) Configured Credentials ✔ Configured as global default: CREDENTIAL TYPE ITEM VAULT GitHub Personal Access Token GitHub Personal Access Token Private Versions: $ uname -a Linux wsl 6.6.87.2-microsoft-standard-WSL2 #1 SMP PREEMPT_DYNAMIC Thu Jun 5 18:30:46 UTC 2025 x86_64 GNU/Linux $ nixos-version 25.11.20251226.f560cce (Xantusia) $ op --version 2.32.0 $ wsl.exe --version WSL version: 2.6.3.0 Kernel version: 6.6.87.2-1 WSLg version: 1.0.71 MSRDC version: 1.2.6353 Direct3D version: 1.611.1-81528511 DXCore version: 10.0.26100.1-240331-1435.ge-release Windows version: 10.0.26200.7462 If biometric login is a hard requirement then this is problematic to say the least as this is a desktop - there is no Windows Hello and no biometric capability. The documentation page does redirect to a different page about app integration, however this seems to only cover common use cases such as "I am using Windows and I want access to 1Password from Powershell" or "I have macOS and want access from the native terminal with `bash`/`zsh`". There doesn't seem to be any advice for running within a WSL2 virtual machine where 1Password is running _outside_ of the VM and I need access for shell plugins _inside_ the VM... Any tips or advice?
Cannot find "Destinations" tab for mounting secrets to local .env files
I am trying to use the feature "Access secrets from 1Password through local .env files" but I cannot find the "Destinations" tab. What I have done: Enabled "Show 1Password Developer experience" in Settings > Developer Enabled "Record and display activity" I can see and use the AWS Secrets Manager integration What I expected: According to the documentation, there should be a "Destinations" tab that allows me to mount secrets to a local .env file. What I see: The "Destinations" tab does not appear anywhere in the interface. I only see the AWS Secrets Manager integration option. Environment: 1Password version: Latest OS: Windows Account type: Individual Could you please help me understand how to access the Destinations feature, or let me know if this feature has been moved or deprecated? Thank you.
SSH agent requires restart between every GitHub request
I've been using the 1Password SSH agent to sign commits and authenticate with GitHub for months without any issues. Today, I started experiencing intermittent SSH timeouts when trying to pull, fetch, or push: ssh: connect to host github.com port 22: Connection timed out fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. At first I assumed this was a GitHub outage, but I noticed that when 1Password prompted me to approve the SSH key, the request would succeed. After a while, the timeouts would return. I changed "Remember key approval" from 12 hours to "until 1Password quits." This helped, but now I have to restart 1Password and re-approve the key between every single Git request, otherwise it times out again. Environment: Windows 11 Affects Git CLI, Git Fork, and VS Code Commit signing with the same key still works fine What I've tried: Changing "Remember key approval" to "until 1Password quits" Restarting 1Password (temporarily fixes it for one request) Restarting my computer Has anyone else run into this? Any suggestions would be appreciated.
Missing op-ssh-sign-wsl on Windows WSL
Hi team. I am trying to use the 1Password SSH Agent with WSL2, but I keep getting this error when SSH is invoked: fatal: cannot exec '/mnt/c/Users/bronze/AppData/Local/1Password/app/8/op-ssh-sign-wsl': No such file or directory error: fatal: failed to write commit object Environment: Windows 10 1Password desktop installed and signed in SSH Agent enabled in 1Password desktop WSL2 (Ubuntu) op installed via the official 1Password page op --version: 2.32.0 Issue: Running SSH inside WSL fails because the binary op-ssh-sign-wsl is missing. Running:ls ~/.1password/agent shows no op-ssh-sign-wsl. op ssh commands are recognized or partially recognized, but signing still fails due to missing binary. What I’ve tried: Reinstalled WSL on Windows. Disabled and Re-enabled SSH Agent on the Windows app Reinstalled 1password-cli inside WSL through the official page Restarted WSL and my machine. Same result: op-ssh-sign-wsl is not created. Thanks in advance.Windows CLI session
Hi all, I've been happily working with the 1password CLI for some years now. On Windows, Linux and lately Mac. When the app authentication integration released I was quite stoked that I could now use biometrics/windows hello in my sessions. I've been integrating op commands in various scripts of mine, and I've been noticing that the session doesn't work at all when using this app integration on Windows (maybe also Mac/Linux, but didn't test it there), or that I just don't understand how it works. I've read all the limitations and issues people are having with subshells, the --session and the --raw parameters not working, but that still does not explain why doing multiple commands in a single script or terminal session should ask for authentication every command it does. Multiple use cases; 1. I open a new terminal session. I enter some command like op item list. I get asked to signin by the app using windows hello. I signin, and I the command executes successfully. If my understanding is correct, this should authenticate my current terminal for 10 minutes. However, if I immediately enter the command again, I have to authenticate again. 2. I have a simple powershell script. In that script, I execute an op item list command twice. So for example my script.ps1 can look like; $items1 = op item list $items2 = op item list No weird things with subshells or whatever, so I would expect 1 prompt for the authentication on the first command, and for the second it should already be authenticated. However, I get 2 authentication prompts. So my question; do I misunderstand how this authentication using the app integration should work in a single shell or script, or is this some bug? Is there a workaround (without having to disable the app integration) I'm using the latest 1password cli -V2.32.0- and 1password app - 1Password for Windows 8.11.12 (81112027). I've also noticed this behaviour on multiple windows devices.
Attachments not visible when shared
Hello, I am using op cli in powershell (windows) to create new secure note with the password and file attachment. Everything is working at this point. Then I am using another call to share that secure note with external user. Once I share the uri with the end user, he can access the secure note and it's secret, but he does not see any attachments. If I share manually from the desktop app the same secure note, then it works and user sees the file. Interestingly, if I use python SDK and this example https://github.com/1Password/solutions/tree/main/1password/onepassword_sdks/demo-share-script then end user can access file too. So is this a limitation from op.exe? If yes, do you have a roadmap to support it?
ssh not working in dev-containers/wsl2 after last update...
Hello community! I need straightforward way to work with wsl2 and dev-containers.... It's always some level of nightmare to work with 1Password and SSH agents on Windows11/WSL: Could you help with WORKING SOLUTION (manual, article) for wsl2 and dev-containers to be able to work with Git and commit signing. I use Docker Desktop + WSL2 as a backend, GitHub SSH key for auth and commit signing. For now, I don't see ways better than use private keys in files with ssh configs. One time I used this for setup, but last week all functionality dropped again: https://vinialbano.com/how-to-sign-git-commits-with-1password/ reference repo here: https://github.com/levpa/golang-try
