Git Commit Signing with SSH Key (Unverified persists)
Hey,
I use the SSH function to save my Github SSH Key in 1Password.
I added an SSH key (https://github.com/settings/keys) with 1Password. 1Password created one SSH Key and automatically put the public key into the Github Public Key field. After that, I configured the commit signing and added the snippet (provided by 1Password) into my .gitignore.
From that moment on, I thought the signing process would work. But the "Unverified" badge on Github still persists.
After some research, I made further attempts like:
- Adding "-S" flag to git commit (https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
- Repeated the process described above
- Double-checked .gitignore
Nevertheless, the problem persists, and I cannot verify my git commits.
I hope you can help out.
1Password Version: 1Password for Mac 8.9.10 (80910043)
Extension Version: Not Provided
OS Version: MacOS 13.0.1
Browser:_ Not Provided
Comments
-
In addition, Github writes, when I click on the badge "Unverified": "Upload your public signing SSH key to verify your signature." But the public key has been entered into the field by 1Password on the one hand and on the other hand it is also in the .gitconfig.
0 -
Thanks for reaching out about this. Just to confirm, is your SSH public key added as both a signing and authentication key in GitHub's settings?
Let me know.
Jack
2 -
Hey @Jack.P_1P,
well, I'm feeling kind of stupid, but that was the missing part. I thought with Uploading the Authentication Keys Github would know my public key for signing as well.
Thanks!
1 -
Hey @ChristophBeckmann:
You're very welcome, and I got caught up by the same thing when this first rolled out on GitHub. 🙂
Please get in touch if there's anything we can help you with in the future!
Jack
1 -
@Jack.P_1P Thank you for this discussion. This also helped me when I was trying to contribute to 1Password's Open source. Finally , I can see Verified tag on the PR now 😀.
1
