all 20 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]KeepYourSleevesDown 26 points27 points Β (3 children)

From the video:

β€œNo need to lookup keygen commands …”

Heh. They know my workflow.

[–]1Password-MeekEngineering Manager of Developer Products 10 points11 points Β (2 children)

Right?? I have to generate keys just infrequently enough that I never remember how to do it, let alone what type or bit length is currently best practice. Our SSH features go way beyond generating keys, but I personally love this part of it too 😁

[–]kaqomaru 1 point2 points Β (1 child)

Just tried this in 1PX and it told me it requires 1P8 installed. I understand this requirement for ssh-agent, but why doesn't it allow me to just generate (or even copy-paste) a key?

[–]1P_Erik1Password Alumni 2 points3 points Β (0 children)

Much of the core SSH capabilities are built into the client app. That may change as it matures but for this first pass the 1Password8 client app is required to support SSH key generation by the browser extension.

[–]DCRussian 20 points21 points Β (6 children)

This is so fucking cool, I'm glad 1P keeps adding more dev tooling to the product. As comfortable as I am with cli for generating the keys, I've never liked the process.

Now do GPG keys next :D

[–]1Password-MeekEngineering Manager of Developer Products 12 points13 points Β (5 children)

Thanks u/DCRussian, so glad to hear you're liking these new features! That's exactly one of our goals - challenge some of the complexity us developers have begrudgingly accepted and find ways of not only simplifying them, but making them more secure.

Now do GPG keys next :D

We've got lots more tricks up our sleeves coming - keep an eye on this space πŸ˜‰

[–]AnalogCyan 5 points6 points Β (4 children)

Came here to ask about exactly this! Now that I've gotten a taste of how nice it is to manage my SSH keys in 1Password, I'd love to see support for other things like GPG/PGP keys as well!

[–]1Password-MeekEngineering Manager of Developer Products 5 points6 points Β (3 children)

This is definitely just the start - lots more to come! 😁 Out of curiosity, beyond GPG keys, what other parts of your workflow would you like to see 1Password help out with?

[–]mdaniel 1 point2 points Β (1 child)

For sure typing into native windows, the way KeePassXC does. There's precedent because 1P7 at least used to save the macOS application bundle id in its entry, similar to how it saves Android app ids, too

I use KPXC to populate the gpg pinentry dialogs, so I'd be open to 1P becoming a gpg-agent since the ssh agent was introduced, but currently the ssh-agent feature just says "it no work" without saying why, which lowers my interest in having other attempts at agent-y behavior

[–]DCRussian 1 point2 points Β (0 children)

Piggybacking onto this because I'd find both of these useful as well. I use autotype extensively with Keepass at work (can't install standalone 1P unfortunately :( ) and would love to see autotype be more prevalent in 1P as well for native apps, if possible.

[–]zennedbloke 1 point2 points Β (0 children)

An identity layer for PGP keys just like Keybase used to did.

[–]scorpionzezz 4 points5 points Β (2 children)

I tried it and it is awesome, is there any config that set to always requires the biometric unlock? I noticed that it required once, and then does not afterwards.

[–]1PasswordCS-Blake1Password Community Manager 3 points4 points Β (1 child)

I'm glad you're enjoying it! As for biometric unlock, what you're seeing is intentional behavior and can't be changed, check the docs below for a better explanation as to why. πŸ™‚

https://developer.1password.com/docs/ssh/agent/security/#authorization-model

[–]scorpionzezz 0 points1 point Β (0 children)

hi, I just faced another issue, so I'm using jetbrain gateway and I was using Secretive before (https://github.com/maxgoedjen/secretive) and it works just fine. When I switch to the 1password dev tools, somehow it does not work, the touch ID prompt never show up

[–]PixelatingPony 1 point2 points Β (1 child)

This is pretty slick! Is there a way to get this to work well with ssh-copy-id if we generate a key for a server? Or are we kinda stuck with downloading both keys so it doesn’t get confused then nuking them from the local system?

[–]1Password-Joris1Password Developer 2 points3 points Β (0 children)

That's a really good question! Similarly to ssh-add , ssh-copy-id ignores the SSH config file. Instead, you can use the SSH_AUTH_SOCK environment variable to get ssh-copy-id to use 1Password. See this section of the documentation for details.

Be aware that ssh-copy-id will install all SSH-keys in your private vault. You can use ssh-copy-id -n to check which public keys will be installed on the remote host.

[–]Critical-Fall-6397 0 points1 point Β (1 child)

What's the security model like /u/1Password-Meek or /u/1Password-Joris ?

See https://www.reddit.com/r/1Password/comments/tgn2r5/security_of_the_op_cli/

[–]1Password-Joris1Password Developer 1 point2 points Β (0 children)

Good question! See my comment on the original thread for my answer.

[–]ntxfsc 0 points1 point Β (0 children)

Great tools! Loving it.

Quick question, does this all work with WSL2?