Migrating from KeepassXC, running into issues and questions

The following schemes seem to be supported:

• http
• https
• ssh
• ftp
• sftp
• smb

Or are there more schemes that are supported? As in, schemes that show more than just Copy and that actually try to open a location.

Hey @autostatic, I apologize for our delayed response here. I'll be happy to address the questions/issues you have regarding 1Password for Linux.

Thanks for your time, much appreciated!

1Password for Linux supports opening network locations (FTP, SSH, SMB) but not a command handler as you've described.

Ah bummer. I think there are ways to make this work anyway, i.e. with a custom URL and maybe a custom browser extension that filters requests to this custom URL and does something with data being sent along.

Although 1Password in your browser (extension) can auto-fill fields while browsing the web, this is not something that can be done within desktop applications. We don't have any plans to share at the moment regarding such a feature.

Ok, good to know. But also here I think it should be possible to cook up something like described above and then do something smart with xdotool and window id's.

With that said, filling in applications can be made easier by using Quick Access. Quick Access lets you find any item you need without leaving the app you're working in. It remembers the items you use most frequently to give you relevant suggestions. Or, you can search for items across all of your accounts and collections. Check out this guide on how to use Quick Access to fill in apps: Get to know Quick Access.

Thanks for the link! Quick Access is not really an option for me though, it would mean I'll have to copy and paste dozens of times when working. And my workflow is very much keyboard centered so using Quick Access would be quite an adaptation.

This is a known issue with XFCE/xflock 4 (the script that handles XFCE locking sessions) not locking properly. Essentially 1Password is listening for the right type of call to lock but xflock4 is not notifying 1Password to lock. A possible workaround would be to remap Super+L to also activate the screensaver. This can be done by navigating to your Keyboard Settings > Application Shortcuts > edit the Super+L shortcut to the following: sh -c "xfce4-screensaver-command -a; xflock4"

This should trigger the screensaver as well as the default locking behavior when using the Super+L shortcut. I found that it takes 2-5 seconds after the screensaver appears for 1Password to lock. I understand that this may not be an ideal solution but hopefully it's a viable workaround for the time being.

Awesome, thanks!! Going to implement that right away. Or maybe switch DE's because I have my gripes with XFCE.

I can certainly see how this could be a useful feature! While I can't make any promises, I'll be happy to pass this suggestions along as a feature request on your behalf to our product team.

That's OK, thanks! For some applications and services we have to store multiple files with sensitive data and it would be great to be able to just select those and drag and drop them into 1Password.

The length of your Secret Key is fixed and can't be customized. If you're interested in learning more about Secret Key security, I would suggest checking out page 11 of our security whitepaper: 1Password Security Design

I'll check out the white paper, thanks. The drawback of a fixed key length is that an attacker already knows the length and structure of such a key. But then it's not optional which is already a good thing.

Hello @AliH1P, thanks for the heads up. In the meanwhile I've cooked up a very crude command handler by running a small Flask app on port 5000. The Flask app renders a form with some small Javascript that autosubmits the form with a POST request. I have 1Password autofill that form to http://localhost:5000/ and with the help of Jinja2 the Flask app renders a working command from the form data which is then being executed by the subprocess module. Another option would be to create my own Firefox extension and use the native messaging possibilities to try interacting with the 1Password extension. Maybe something for the future.

Also, after doing a clean Xubuntu install 1Password now properly locks when I lock te screen. I think that with the other install with the non-locking 1Password I did something with the screensaver that caused 1Password to not lock on locking my screen.

Hello @AliH1P, you're right, when locking the screen 1Password does not lock. It only locks when the screensaver gets activated so for XFCE you indeed really need the command you proposed.

Repository for the command handler: https://codeberg.org/autostatic/1password-command-handler

Bear in mind this is a hacky and crude implementation. It might work for others but it could also blow up in your face (i.e. there's zero input checking) or simply fail.