by AlexandrB 1580 days ago
> Other commenters have mentioned sync

Isn't this an anti-feature? The ability to revoke an SSH key specific to a stolen laptop from a server or your GitHub account seems like a benefit. Using the same SSH key on every machine is a downgrade.

On the other hand, the ability to manage access to shared keys is really nice.

2 comments

I guess rotating one key is easier though. Just update in 1psw and done.
But why are you "rotating" keys? Most of the reasons people give involve unnecessary exposure of the private key material, which is exactly what you're encouraging by having 1password keep these keys instead of them living on individual hardware.
Well, keys are also shared via chat or emails and people exit the company. Sure, taking out one key is more precise, but rotating all is probably easier.
You may notice they aren't called "Fun size sharing keys" or "Family pack keys" but instead "Private keys" because of that word "Private".

You don't need to wait for people to "exit the company". Sharing private keys was wrong, invalidate those keys. If somebody else knows your private key it isn't private any more. Get this stuff right and rotating keys is unnecessary, get it wrong and rotating keys can't help you.

Presumably if the laptop is stolen, the key isn’t exposed because it’s in 1Password, and the attacker doesn’t have your master password?