In daily operations and development work, SSH (Secure Shell) is one of the most common ways to access remote systems. To avoid entering passwords repeatedly, most users choose to use SSH keys for authentication. However, this also brings some challenges:
Users need to create or import keys into different SSH tools;
For security reasons, some people are unwilling to hand over their private keys to third-party software;
Many teams or individuals prefer to store keys centrally in a password manager, such as 1Password, to ensure unified management and security.
What is SSH Agent?
SSH Agent is a background service running locally that:
Centrally manages private keys: Private keys no longer need to be stored separately in various SSH tools, but are instead managed by the Agent;
Signs on behalf of the user: When an SSH tool needs to log in to a remote host, it sends the data to be signed to the SSH Agent, which uses the private key to sign it and return the result;
Improves security: The SSH tool itself never directly accesses the private key, preventing exposure from being imported into multiple places;
Supports sharing across tools: Multiple terminals or development tools (such as Git, SSH clients, etc.) can share the same SSH Agent without repeated configuration.
In short, an SSH Agent is like a “gatekeeper”: it has the keys but never hands them over — it simply opens the door for you.
1Password and SSH Agent
As a widely used password manager, 1Password not only stores passwords and certificates but has also introduced SSH Agent functionality in recent years.
This means:
Users can securely store SSH private keys in their 1Password vault;
When the 1Password SSH Agent is enabled, a local SSH_AUTH_SOCK socket is created;
Any tool that supports SSH Agent (such as the ssh command, Git, or other SSH clients) can communicate with the 1Password Agent through this socket to complete authentication.
With this, users no longer need to repeatedly import keys into different tools, nor do they need to worry about key misuse — all private keys remain safely locked inside 1Password.
ShellBean in Practice: Supporting 1Password SSH Agent via ShellHelper
As a lightweight and efficient SSH tool, ShellBean has always focused on user experience and data security.
Through user research, we found:
Many users already manage their keys in 1Password;
They want to log in directly using 1Password’s SSH Agent instead of importing keys again.
Based on this, ShellBean has introduced ShellHelper.
What ShellHelper does:
Once installed, ShellHelper allows ShellBean to automatically communicate with the local SSH Agent (such as the one provided by 1Password);
When the user attempts to log in to a server, ShellBean requests a signature via the SSH Agent;
The 1Password Agent verifies the request and uses the private key stored in the 1Password vault to sign it;
ShellBean receives the signed result and completes the remote login — all while the private key never leaves 1Password.
This enables ShellBean users to seamlessly use their 1Password keys while maintaining both security and convenience.
User Benefits
No need to import keys: As long as the key is in 1Password, ShellBean can use it;
Higher security: Private keys stay inside 1Password, avoiding exposure to untrusted applications;
Unified management: All SSH keys are stored centrally in 1Password, eliminating the hassle of maintaining them in multiple places;
Improved workflow: Like Git and command-line tools, ShellBean can directly use the SSH Agent, ensuring a consistent experience.
Conclusion
SSH Agent changes SSH login from “keys scattered everywhere” to “centrally stored + used on demand,” greatly improving both security and convenience. 1Password’s SSH Agent further integrates key management with authentication, making it secure and efficient.
ShellBean leverages ShellHelper to connect to the SSH Agent, enabling users to log in to remote hosts directly with keys stored in 1Password — without worrying about repeated imports or potential leaks. This is not just a security upgrade, but also a significant improvement to the user experience.
For users already using 1Password, simply install ShellHelper to enjoy this feature in ShellBean right away.