1Password SSH Agent - Multiple Vaults (non default)

ma3574
ma3574
Community Member

N.B. I posted this originally on Reddit here: https://www.reddit.com/r/1Password/comments/wrh8j7/1password_ssh_agent_multiple_vaults/
I still haven't found a resolution so here we are...

Problem:

• I got excited about the SSH agent feature of 1Password and set it up.

• I Imported my private key and got ready to test with GitHub

• That's when I saw the issue in the screenshot:

Move to your Lastpass Import vault to use with the SSH agent

My Setup:

• Been using 1Password for a number of years on Mac

• I'm using 1Password 8

• Migrated from LastPass and imported all my Lastpass passwords into a separate vault called "Lastpass Import"

• I have another vault called "Main" that houses the creds that I use and the ones I've migrated from the "Lastpass Import" vault

• I only use the "Lastpass Import" one to lookup old creds that I didn't migrate to the "Main" vault

• In 1Password 8 I can't seem to change the default vault to be my "Main" one and I'm going crazy trying to figure it out. HELP! 😵‍💫

My understanding of the situation:

• To use the SSH agent the SSH key needs to be in the "default" vault

• 1Password doesn't allow me to change the "default" vault

• I can change the vault that new things get stored into but the "Lastpass Import" is stuck as the "default" one for use with the SSH agent

• I thought I could create another vault called "Lastpass 2" etc. and move everything in there to that and rename "Lastpass Import" to be my "New Main" or move things around but I can't edit the "default" vault. Not even rename it 😢

I'm not sure where to go from here... please help


1Password Version: 8.7.3
Extension Version: Not Provided
OS Version: macOS 12.4
Browser:_ Not Provided

Comments

  • Hi @ma3574:

    Great question. 1Password accounts have a default vault, called the Personal vault in individual accounts, or the Private vault for all other account types. This vault has some unique characteristics, especially when working in accounts with other people. It isn't possible for this vault to be renamed (barring the exception below), or be shared with anyone else in your 1Password account.

    The short version is you're running into an interaction of two separate things:

    • There was a bug in previous versions of 1Password for Mac, where it was possible to rename this vault to a new name. We've resolved this bug, but any accounts that had this vault renamed were not changed back after the bug was fixed.
    • As it currently stands, the SSH agent only presents SSH keys from your Personal / Private vault.

    It sounds like you may have been using 1Password for Mac back when this bug was present, and renamed your Personal / Private vault to "Lastpass Import". As for why 1Password only uses SSH Keys from your Personal / Private vault, it helps ensure that you know exactly which SSH keys you're presenting.

    We've had some success with using the affected version of 1Password 7 to rename the vault back to Personal or Private, but we've also had reports of it not running as expected on recent versions of macOS. You're more than welcome to give it a try: https://app-updates.agilebits.com/product_history/OPM7#v70205002

    Your ideal situation when it comes to vaults would be a Personal / Private vault containing what is currently in your "Main" vault, and then a "Lastpass Import" vault containing what's currently in your Personal / Private vault (although named "Lastpass Import").

    Let me know if you're able to use 1Password 7.2.5 to rename that vault, or if you're unable to get it working.

    Jack

  • ma3574
    ma3574
    Community Member

    So your suggestion is I go back to an older version of 1Password with a bug in it and do some renaming of things and moving things around and then come back to 1Password 8. I can't believe that software that I've paying for for so long is making me jump through such crazy hoops. Since this whole move to 1Password 8 the experience has certainly been sub par to the point where after years I'm considering ditching 1Password altogether now. I used to recommend 1Password to friends and family but clearly it isn't "customer first" within Agile Bits anymore.

    I'm going to try the following steps:

    • Create an encrypted disk image
    • Export all my data to the encrypted image (since the 1Password export is unencrypted)
    • Go back to 1Password 7.2.5
    • Rename the vault to Private
    • Then come back to 1Password 8
    • Play musical chairs between vaults
  • ma3574
    ma3574
    Community Member

    So an update to this saga...

    • I tried to install 1Password 7.2.5. Upon launching it I got:

    • I figured it's probably because I have data in the 1Password 8 format on my machine

    • So I set up a new account on macOS called temp that had no other user data
    • Installed 1Password 7.2.5
    • Launched it and 💥 same error
    • So this solution isn't viable

    Details of my Machine

    • MacBook Pro with M1 Pro chip
  • ma3574
    ma3574
    Community Member

    A final update for anyone who ends up landing here:

    • I went to see my brother who has an Intel iMac
    • Set up an account on there and downloaded 1Password 7.2.5
    • It actually launched
    • Signed in
    • Renamed the LastPass vault to Main and juggled stuff around
    • Let it sync
    • Went back to M1 MacBook Pro and set up 1Password 8 again
    • Stuff synced
    • The vaults are now named properly
    • However... some of my passwords there's 3 copies of now 😐
    • I'm now having to manually go through 100s of passwords and delete the duplicates one by one
    • It's not a perfect ending but it's an ending

    So for anyone else who lands here:
    • Use an Intel chip mac
    • Use 1Password 7.2.5 to change vault names
    • Beware of duplicates

  • ma3574
    ma3574
    Community Member

    Also how come the https://www.reddit.com/r/1Password/comments/wrh8j7/1password_ssh_agent_multiple_vaults/ reddit post got deleted by your admins. What kind of joke is that? You can't just hide things and brush them under the carpet without explanation.

  • Hi @ma3574:

    I'm glad to hear you were able to get the vaults named the way you'd like. While I can't promise anything specifically, I've shared your situation we have on an internal issue, as we're hoping to add a button that would allow you to reset the name of the default vault back to the appropriate name, Personal or Private, without needing to use a specific version of 1Password 7 for Mac.

    When we're helping someone across Reddit and the Support Community, we try to keep everything in one place to make it easier for everyone.

    Jack

    ref: dev/b5/b5#13209

  • ma3574
    ma3574
    Community Member

    When we're helping someone across Reddit and the Support Community, we try to keep everything in one place to make it easier for everyone.

    I get keeping it in one place but there was a link from there to here as well. Isn't it better for the community to be able to find the information irrespective of the way they got to it. By deleting the post on Reddit you've reduced the ways people can find the information. Just because it makes 1Password look bad, doesn't mean it should just be deleted. That's cowardice on 1Password's part. Agile Bits took a big gamble with 1Password 8 so it should stand by it's decisions not try and brush them under the carpet.

  • Thanks for your feedback.

    Jack

This discussion has been closed.