[Internal] Multiple session file in tmp dir, which one contains the good session private key ?

mickael
mickael
Community Member
edited April 2019 in CLI

Hi,

When we do op signin, a temporary session file is created in $TMPDIR/com.agilebits.op.501.

This file contains the encrypted session key that will be used in the decryption process.

However, sometimes the directory $TMPDIR/com.agilebits.op.501 may contains multiple files, I guess if sessions are not properly closed or still in use in another term window.

Regarding a session key, how can I know which temporary file to use ?

Thanks,

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • cohix
    cohix
    1Password Alumni

    @mickael yes, multiple files are created, and whenever you run op signin, any sessions that are "dead" are deleted. Additionally, whenever the env var (OP_SESSION_teamname) is changed to a new value, the session file related to that env var becomes useless since the env var is the only thing that can be used to derive the encryption key for that file.

    As for which one to use, if you take the value of the env var, base64url decode it, sha1 the resulting bytes, then base64url encode that, that will be the filename for the corresponding session file.

    Let me know if that helps.

  • mickael
    mickael
    Community Member

    Thanks a lot for the details, that will be really helpful !

  • mickael
    mickael
    Community Member
    edited April 2019

    Yeah, it works...

    For those intersting in reading that, don't forget to append == to the session key before decoding it first

    Thanks a lot !

  • cohix
    cohix
    1Password Alumni

    @mickael perfect!

This discussion has been closed.