1Password

1Password is a password manager developed by the Canadian software company AgileBits Inc. It supports multiple platforms such as iOS, Android, Windows, Linux, and macOS. It provides a place for users to store various passwords, software licenses, and other sensitive information in a virtual vault that is locked with a PBKDF2-guarded master password. By default, the user’s encrypted vault is hosted on 1Password’s servers for a monthly fee.

Install 1password^AUR, and optionally for terminal based access 1password-cli^AUR can be installed too.

In your desktop environment settings you may bind a key combination of your choice to the command 1password --show, which will cause your already opened app to bring-up its window (starting itself up if not yet running).

If using KDE desktop, the current default focus stealing prevention rules will normally prevent an already opened window from bringing itself up again, if it's minimized and not closed to system tray. To correct this behavior, add a window rule for the app (setting Window class (application) to Exact match 1password and Focus stealing prevention to Force None). The config equivalent of the rule is:

~/.config/kwinrulesrc

[28fe905a-c408-4b83-a535-cb04e93725a4]
Description=Allow 1Password window to bring itself up
fsplevelrule=2
wmclass=1password
wmclassmatch=1

In general, you can increase debugging verbosity with the following:

$ pkill -f 1password || true
$ OP_UNREDACTED_LOGS=1 OP_LOG_LEVEL=trace 1password

If you see experience issues with 1Password not being able to store the MFA token and stay "online", and you see similar error messages:

INFO  [1P:op-b5-client/src/internal/unauthorized_session/auth_flow.rs:1260] Verifying device secret (MFA) with server...
DEBUG [1P:op-b5-client/src/internal/keyed_server_connection.rs:227] Session Session ID: ABCDEFGHIJKLMNOPQRSTUVXYZA <redacted url>
INFO  [1P:op-b5-client/src/internal/unauthorized_session/auth_flow.rs:914] Device secret was verified
TRACE [1P:foundation/op-linux/src/ipc/desktop_keyring/mod.rs:45] using kwallet fallback for this session
WARN  [1P:op-b5-client/src/internal/unauthorized_session/auth_flow.rs:927] Failed to save an account's 2FA token with an error of SystemKeyringError(LinuxError(DBus(MethodError(OwnedErrorName(ErrorName(Str(Owned("org.freedesktop.DBus.Error.ServiceUnknown")))), Some("The name is not activatable"), Msg { type: Error, sender: UniqueName(Str(Borrowed("org.freedesktop.DBus"))), reply-serial: 2, body: Signature("s") })))). 2FA will only be valid for this unlock session!

A most likely solution is that you are missing a wallet. For instance installing KDE Wallet by installing kwallet and kwalletmanager is one way of solving the issue.

If you have enabled the 1Password SSH agent but the agent refuses operation when trying to use it, and you see error messages such as:

INFO  [1P:ssh/op-agent-controller/src/lib.rs:761] SSH Agent has started.
INFO  [1P:ssh/op-agent-controller/src/lib.rs:577] Starting filesystem watcher for SSH agent configuration directories...
ERROR [1P:/mnt/ephemeral/builds/dev/core/core/ssh/op-agent-controller/src/lib.rs:578] Io(Os { code: 2, kind: NotFound, message: "No such file or directory" })

Then most likely it's the pinentry and/or policykit agent not being installed. You can fix this by installing lxqt-policykit as well as pinentry, and after this make sure you start the lxqt policykit agent:

$ /usr/bin/lxqt-policykit-agent &