Can older Mac access keychain via DB without syncing?

randot
randot
Community Member

I have a new laptop on order to replace my aging Mac Pro, which can't run 1P4. I plan to keep the Mac Pro running in another room as a server for the house, and would like for it to still be able to access the 1P keychain file I'll be using from now on. My understanding is that 1P3 can read 1P4's data format, but I'm very keen to switch to iCloud syncing and get rid of the hidden .ws.agile... file in DB. So I'll use iCloud when the new Mac gets here.

So my question is, if I continue to store my keychain in DB, but turn off Dropbox sync on the Mac Pro, can I trust that in the rare cases I need to access 1P on the Mac Pro, it will be up to date just by virtue of being in Dropbox? It's safe to say that anytime I'm opening 1P3 on the old Mac, I won't be using it on the new Mac or iOS, so I don't think there is a risk of corruption by editing the same file from multiple places.

Thanks for any advice!

Comments

  • Megan
    Megan
    1Password Alumni

    Hi @randot,

    You're correct, when synced through Dropbox, 1Password 3 can read an 1Password.agilekeychain file from 1Password 4. However, vaults in 1Password 4 can only sync to one source, so it is not possible to sync to both iCloud and Dropbox. Keeping a copy of your 1Password.agilekeychain in Dropbox to be accessed by your older Mac Pro is fine, but changes made in 1Password 4 won't sync to the Dropbox keychain if you have syncing set up via iCloud.

    If I'm not quite understanding your situation correctly, please let me know :)

  • randot
    randot
    Community Member

    Thanks for your reply! I think I see where I was mistaken. I assumed that iCloud was just the sync mechanism, and that I could still store the keychain file itself where ever I want (for instance, in Dropbox). It sounds like you're saying if I use iCloud syncing, the keychain has to be stored in a specific system location?

    Do you think it would work if I placed a symlink in my Dropbox pointing to ~/Library/Mobile Documents/1Password.agilekeychain? My understanding is that Dropbox does follow symbolic links. But could that cause corruption?

    You said "when synced through Dropbox"...so I guess the other thing I don't understand is: Can 1P3 read files from 1P4 all by itself (even with sync turned off), or is there some translation that happens during sync which makes it possible for 1P3 to understand 1P4 files?

    Thanks!

  • Hi @randot,

    . I assumed that iCloud was just the sync mechanism, and that I could still store the keychain file itself where ever I want (for instance, in Dropbox). It sounds like you're saying if I use iCloud syncing, the keychain has to be stored in a specific system location?

    iCloud is a bit misleading, it's a broad sync platform with a lot of services underneath it. There's email, there's backups, there's iCloud Sync for apps and there is also the undocumented Dropbox-ish iCloud folder.

    We export and store an encrypted cloud keychain format into the iCloud folder for 1Password. OS X handles the syncing for you in the background by monitoring the iCloud folder. The iCloud folder is ~/Library/Mobile Documents, there's a special bundle ID container for 1Password in there.

    Do you think it would work if I placed a symlink in my Dropbox pointing to ~/Library/Mobile Documents/1Password.agilekeychain?

    Eh, we don't recommend it. Logically and theoretically, it should work but the .agilekeychain is very intensive, a lot of things are happening as we sync to that file. We don't recommend it.

    You said "when synced through Dropbox"...so I guess the other thing I don't understand is: Can 1P3 read files from 1P4 all by itself (even with sync turned off), or is there some translation that happens during sync which makes it possible for 1P3 to understand 1P4 files?

    1Password 3 does not read 1Password 4 files. Here's how it works:

    1. 1Password 4 uses an internal SQLite database file: OnePassword.sqlite stored in either location depending on where you bought 1Password 4:

    MAS: ~/Library/Containers/2BUA8C4S2C.com.agilebits.onepassword-osx-helper/Data/Library/Data
    AgileBits: ~/Library/Application Support/1Password 4/

    When you enable a sync service in 1Password 4, it'll export either the new cloud keychain for iCloud or it'll export the 1Password 3-compatible format (.agilekeychain) in the Dropbox folder you selected.

    1Password 4 will monitor those folders and sync between its internal database and the sync folders.

    Do you have an local sync tool that you use? Like rsync, Chronosync, BTSync or anything like that? If yes, what you can do is use Folder Sync in 1Password 4 to sync to a local folder on your drive. From there, you can use your local sync tool to sync that folder between your Macs.

  • randot
    randot
    Community Member

    Thanks @MikeT, I believe I understand. It looks like using Folder Sync in 1P4 would require turning off iCloud sync. So it sounds like there's not really a way to keep both my old Mac and my iOS devices in sync without using Dropbox? I guess I can live with that, I'll just have to cut the Mac Pro out of the loop.

    Really enjoying 1Password 4 (and really glad to finally have the .ws.agile... file gone from Dropbox. Thanks!

This discussion has been closed.