How to configure a 1Password SSH key and automatically sign your commits on GitHub?
- First, generate an SSH key using 1Password and save it in a vault. Optionally, you can add your existing keys manually.
- In 1Password, go to Settings -> Developer and check the "Use the SSH agent" box.
- Create the allowed-signers file. Sublime Merge complains if it can't find this file and shows all commits as invalid.

    mkdir -p /home/$(whoami)/config/git/
    touch /home/$(whoami)/config/git/allowed-signers

- Update your local git configuration in ~/.gitconfig:

    [gpg]
      format = ssh
    [gpg "ssh"]
      program = /opt/1Password/op-ssh-sign
      allowedSignersFile = /home/user/config/git/allowed-signers
    [commit]
      gpgsign = true
    [user]
      signingKey = ssh-ed25519 pubkey
      name = Your name
    [init]
      defaultBranch = main

- Update your local SSH configuration in ~/.ssh/config to use 1Password's SSH agent for all hosts:

    Host *
      IdentityAgent ~/.1password/agent.sock

- Finally, add your public key to your GitHub account under Settings -> SSH and GPG keys -> Signing keys.

1Password will pop up to authorize the use of your private key, and if you generated your private key in the app, it is never saved on the computer.
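
The `touch` step above leaves allowed-signers empty, so it names no key that a signature can be matched against. The shell function below is an added example, not part of the original post: it appends an entry for a signing key in the line format documented in ssh-keygen(1). The function name `add_allowed_signer` and the email and key passed to it are assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example (not from the original page). Each allowed-signers line is
#   principal[,principal...] [options] keytype base64-key
# as described in ssh-keygen(1), section ALLOWED SIGNERS.
#
# Usage: add_allowed_signer FILE EMAIL "KEYTYPE BASE64 [comment]"
# Returns 0 if the entry is present afterwards, 1 on malformed input.
add_allowed_signer() {
    as_file=$1; as_email=$2; as_pub=$3

    # Split "keytype base64 [comment]" without word splitting or globbing.
    as_type=${as_pub%% *}
    as_rest=${as_pub#* }
    as_data=${as_rest%% *}

    # Principals are comma-separated patterns, so reject anything that
    # could add a second principal, an option or a wildcard.
    case $as_email in
        ''|*[!A-Za-z0-9@._+-]*) echo "bad principal" >&2; return 1 ;;
    esac
    case $as_type in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) echo "unsupported key type: $as_type" >&2; return 1 ;;
    esac
    # OpenSSH public key blobs are base64 and begin with AAAA.
    case $as_data in
        AAAA*) ;;
        *) echo "bad key data" >&2; return 1 ;;
    esac
    case $as_data in
        *[!A-Za-z0-9+/=]*) echo "bad key data" >&2; return 1 ;;
    esac

    mkdir -p "$(dirname "$as_file")" && touch "$as_file" || return 1

    # Idempotent: skip the append when this principal already maps to this key.
    if awk -v p="$as_email" -v k="$as_data" '
        $1 !~ /^#/ {
            hit = 0
            n = split($1, pr, ",")
            for (i = 1; i <= n; i++) if (pr[i] == p) hit = 1
            for (j = 2; j <= NF; j++) if (hit && $j == k) found = 1
        }
        END { exit !found }' "$as_file"
    then
        return 0
    fi

    # namespaces="git" limits the key to Git signatures (git signs with -n git).
    printf '%s namespaces="git" %s %s\n' "$as_email" "$as_type" "$as_data" >> "$as_file"
}
```

Call it with the same path as `allowedSignersFile` in ~/.gitconfig and the public key you copied from 1Password.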