To use 1password ssh key or envars, I have to unlock 1password desktop first

caligula
caligula
Community Member

to use 1 password ssh key or envar, first I have to open the gui desktop app and unlock, then trigger some random 1password cli command (eg op vault ls), then I can use the 1password ssh key (eg git pull, git push).
If computer goes to sleep I have to repeat the above steps, otherwise I'm preseneted with:

"git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists."

if try doing "op vault ls" without unlocking the desktop app first I'm presented with:
"[ERROR] 2022/06/12 11:09:40 no accounts configured in 1Password app"

so if computer goes to sleep I always have to unlock the desktop app for anything to work, user experience would be much better if you didnt have to unlock gui app each time.


1Password Version: 8.8.0
Extension Version: 2.3.5
OS Version: macos 12.4

Comments

  • tomstock
    tomstock
    Community Member

    In Settings->Security, do you have "Lock 1Password when computer locks" checked? Unchecking might fix your issue.

  • Hey @caligula I just want to check in to see if you're still experiencing this issue. The above suggestion could help reduce frequent account locking. Also, if you're able to, I'd suggest setting up Touch ID so that you can more quickly authenticate SSH commands; otherwise you'll need to type your password in the desktop app whenever 1Password is locked and you wish to use the SSH Agent.

  • caligula
    caligula
    Community Member

    Hi,
    Yes I still have to unlock the gui app very frequently to be able to use env vars or ssh keys. I had set 1Password to not lock on sleep and set after idle to never and was still experiencing this.
    The experience was so bad I’ve ended up removing my env vars and ssh keys from 1p.
    I had Touch ID enabled. The authentication is not the issue for me (this is expected and secure) it’s the fact I have to open the desktop gui app and unlock, then run a 1p cli command, before I’m able to git pull (for example). Having to do this upwards of 5-6 times a day especially when in flow state developing is just a non option for me. I’ll retry this as an option later on in the year, but for now it is not a workable solution

  • @caligula Do you see anything appear in the 1Password logs when you run a failing SSH command? On macOS: ~/Library/Group Containers/2BUA8C4S2C.com.1password/Library/Application Support/1Password/Data/logs/1Password_rCURRENT.log

This discussion has been closed.