How to configure 1Password SSH Key and automatically sign your commits on GitHub?

#ssh #1password #git #github

First generate ssh key using 1Password and save it in Vault. Optionally you can add your existing keys manually.
On 1Password Settings -> Developer check Use the SSH agent box.
Create allowed-signers file, Sublime Merge complains if it can't find this file and shows all commits as invalid.

mkdir -p /home/$(whoami)/config/git/
touch /home/$(whoami)/config/git/allowed-signers

Update your local git configuration ~/.gitconfig

[gpg]
    format = ssh
[gpg "ssh"]
    program = /opt/1Password/op-ssh-sign
    allowedSignersFile = /home/user/config/git/allowed-signers
[commit]
    gpgsign = true
[user]
    signingKey = ssh-ed25519 pubkey
    name = Your name
    email = email@example.org
[init]
    defaultBranch = main

Update local SSH configuration to use 1Password's SSH agent for all hosts ~/.ssh/config

Host *
        IdentityAgent ~/.1password/agent.sock

Finally Add your public key to your GitHub account Settings -> SSH and GPG keys -> Signing keys

1Password will pop-up to authorize the use of your private key and if you generated your private key in the app it is never saved on the computer.

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more