Git Commit Signing with SSH Key (Unverified persists)
ChristophBeckmann
Hey,
I use the SSH function to save my Github SSH Key in 1Password.
I added an SSH key (https://github.com/settings/keys) with 1Password. 1Password created one SSH Key and automatically put the public key into the Github Public Key field. After that, I configured the commit signing and added the snippet (provided by 1Password) into my .gitignore.
From that moment on, I thought the signing process would work. But the "Unverified" badge on Github still persists.
After some research, I made further attempts like:
- Adding "-S" flag to git commit (https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
- Repeated the process described above
- Double-checked .gitignore
Nevertheless, the problem persists, and I cannot verify my git commits.
I hope you can help out.
1Password Version: 1Password for Mac 8.9.10 (80910043)
Extension Version: Not Provided
OS Version: MacOS 13.0.1
Browser:_ Not Provided
Comments
In addition, Github writes, when I click on the badge "Unverified": "Upload your public signing SSH key to verify your signature." But the public key has been entered into the field by 1Password on the one hand and on the other hand it is also in the .gitconfig.
Team Member
Hi @ChristophBeckmann:
Thanks for reaching out about this. Just to confirm, is your SSH public key added as both a signing and authentication key in GitHub's settings?
Let me know.
Jack
Hey @Jack.P_1P,
well, I'm feeling kind of stupid, but that was the missing part. I thought with Uploading the Authentication Keys Github would know my public key for signing as well.
Thanks!
Team Member
Hey @ChristophBeckmann:
You're very welcome, and I got caught up by the same thing when this first rolled out on GitHub. 🙂
Please get in touch if there's anything we can help you with in the future!
Jack