sudolikeaboss icon indicating copy to clipboard operation
sudolikeaboss copied to clipboard

Published 20 hours ago verified publisher icon brycekahle

Road to Native Messaging

Open valentinocossar opened this issue 7 years ago • 3 comments

Hi, could you use this thread to keep us up to date with the implementation of Native Messaging on sudolikeaboss to make it compatible with 1Password 6.8.1+?

Do you have some sort of deadline/roadmap?

Thank you very much for your work, very appreciated!

valentinocossar avatar Sep 21 '17 15:09 valentinocossar

Definitely. Thanks for starting the thread.

I've already done some initial research into Native Messaging and how 1Password is using it. I believe the content of the messages is the same as what was being communicated over WebSockets. Thus, supporting Native Messaging is a matter of launching their NM host and using stdin/stdout instead of a WebSocket. This is an easy code change to make, and one which I've already prototyped.

An additional requirement they have added is requiring any app communicating with it, be part of a macOS Bundle. I believe I have already found the minimal set of files and directory structure to satisfy their checks.

The real roadblock is AgileBits making code signing verification mandatory in 6.8.1. I've decompiled the 1Password Helper and found the relevant code portions implementing the verification process. It would be trivial for them to add sudolikeaboss, once I start distributing a code-signed binary.

I've attempted to establish a line of communication with them on multiple occasions, mostly in this thread, but also in issues on the original sudolikeaboss repo. Despite replies indicating their intentions to do so, they have not reached out to me. I'm hoping this is not an intentional strategy to disable sudolikeaboss and drive adoption of their own CLI tool, which only works with a 1password.com subscription.

brycekahle avatar Sep 22 '17 03:09 brycekahle

Hi @brycekahle and @valentinocossar. I wanted to direct you to my response on our forums regarding sudolikeaboss and 1Password. If you have any other questions feel free to leave them there. https://discussions.agilebits.com/discussion/comment/394873/#Comment_394873

MrRooni avatar Oct 10 '17 18:10 MrRooni

Hi Everyone. I've written a replacement for sudolikeaboss that should work with 1Password > 6.8.0, by talking directly to the SQLite data file It's not ideal, as then it requires your Master Password, and that's not the best move security wise, but in light of the recent decisions by 1Password, I do not see many other choices. Luckily everything stays local so that's a win.

Code repo here: https://github.com/peacetara/slab and the current python implementation and instructions are here: https://github.com/peacetara/slab/blob/master/src/python/README.md

The other options I'm aware of via @ csawyerYumaed :

  • Use dpaf(https://github.com/tomvachon/dpaf) w/ 1password 6.8.1+ with a 1password subscription and your 1password vault online. uses the 'op' tool.

  • Use iterm2's built-in password manager (set a profile key shortcut to add menu-item 'password manager') -- this uses the macOS Keychain (it creates Login items in the Login keychain under the name 'iTerm2' of kind 'application password').

peacetara avatar Oct 13 '17 11:10 peacetara