I switched to keeping all my SSH private and public key pairs in 1Password, relying on the 1Password SSH Agent to provide the key at authentication time to remote SSH servers and/or GitHub, with a configuration like:
On Mac:

    Host github.com
        User git
        HostName github.com
        IdentityAgent ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
    Host *
        IdentityAgent ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock

On Linux:

    Host github.com
        User git
        HostName github.com
        IdentityAgent ~/.1password/agent.sock
    Host *
        IdentityAgent ~/.1password/agent.sock

I have (had) the issue that suddenly authentication from/to existing/unchanged systems was not working anymore. ssh -vvv revealed that the private key fitting a remote system was not found/not picked, although it was listed in ssh-add -l.
Digging a bit deeper, I found out that some SSH servers limit the number of private keys they accept for checking ... e.g. to 6. As I had added another key pair recently, although not yet in use and for a non-SSH use case, I figured that this could be the cause of the problem.
As I did not (yet) find out how to pinpoint key pairs for certain remote systems with 1Password, I reverted to limiting the keys exposed by adapting the file ~/.config/1Password/ssh/agent.toml to something like:

    [[ssh-keys]]
    vault = "Private"
    item = "awsec2"

    [[ssh-keys]]
    vault = "Private"
    item = "azvm"

    [[ssh-keys]]
    vault = "Private"
    item = "github"

    [[ssh-keys]]
    vault = "Private"
    item = "homelinux"
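
An added example, not part of the original post: OpenSSH can pin one agent-held key to a host by pointing IdentityFile at the matching public key file and setting IdentitiesOnly yes, so only that key is offered regardless of how many the agent exposes. The sketch below builds such stanzas from `ssh-add -L` output. It assumes the agent reports each key's comment as the 1Password item name; the key blobs, the host home.example.net and the host-to-key mapping are constructed for illustration.

```python
import re

# Constructed sample of `ssh-add -L` output; key blobs are placeholders, not real keys.
SAMPLE_SSH_ADD_L = """\
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERawsec2 awsec2
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERgithub github
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERhomelinux homelinux
"""

# Hypothetical mapping: Host pattern -> key comment as listed by the agent.
HOST_TO_KEY = {"github.com": "github", "home.example.net": "homelinux"}

AGENT_SOCK = "~/.1password/agent.sock"  # Linux socket path used in the post

KEY_LINE = re.compile(r"^(\S+) (\S+) (.+)$")

def parse_public_keys(listing):
    """Map key comment -> full public key line from `ssh-add -L` output."""
    keys = {}
    for line in listing.splitlines():
        m = KEY_LINE.match(line.strip())
        # Skip status lines such as "The agent has no identities."
        if m and m.group(1).startswith(("ssh-", "ecdsa-", "sk-")):
            keys[m.group(3)] = line.strip()
    return keys

def pin_keys(listing, host_to_key, agent_sock=AGENT_SOCK):
    """Return ({pub_file_path: content}, ssh_config_text) pinning one key per host."""
    keys = parse_public_keys(listing)
    pub_files, stanzas = {}, []
    for host, comment in host_to_key.items():
        if comment not in keys:
            raise KeyError(f"agent does not list a key with comment {comment!r}")
        safe = re.sub(r"[^A-Za-z0-9_.-]", "_", comment)  # keep the file name simple
        path = f"~/.ssh/{safe}.pub"
        pub_files[path] = keys[comment] + "\n"
        stanzas.append(
            f"Host {host}\n"
            f"    IdentityAgent {agent_sock}\n"
            f"    IdentityFile {path}\n"   # public key only; private key stays in the agent
            f"    IdentitiesOnly yes\n"    # offer this key and no other agent key
        )
    return pub_files, "\n".join(stanzas)

if __name__ == "__main__":
    files, config = pin_keys(SAMPLE_SSH_ADD_L, HOST_TO_KEY)
    print(config)
```

The returned public key files have to be written to the listed paths, and the stanzas placed above the `Host *` block, because ssh uses the first value it obtains for each option.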