[Internal] Multiple session file in tmp dir, which one contains the good session private key ?

edited April 26 in CLI Beta


When we do op signin, a temporary session file is created in $TMPDIR/com.agilebits.op.501.

This file contains the encrypted session key that will be used in the decryption process.

However, sometimes the directory $TMPDIR/com.agilebits.op.501 may contains multiple files, I guess if sessions are not properly closed or still in use in another term window.

Regarding a session key, how can I know which temporary file to use ?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided


  • cohixcohix

    Team Member

    @mickael yes, multiple files are created, and whenever you run op signin, any sessions that are "dead" are deleted. Additionally, whenever the env var (OP_SESSION_teamname) is changed to a new value, the session file related to that env var becomes useless since the env var is the only thing that can be used to derive the encryption key for that file.

    As for which one to use, if you take the value of the env var, base64url decode it, sha1 the resulting bytes, then base64url encode that, that will be the filename for the corresponding session file.

    Let me know if that helps.

  • Thanks a lot for the details, that will be really helpful !

  • mickaelmickael
    edited April 26

    Yeah, it works...

    For those intersting in reading that, don't forget to append == to the session key before decoding it first

    Thanks a lot !

  • cohixcohix

    Team Member

    @mickael perfect!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file