Windows SSH agent + WSL2 Git: 1Password SSH prompt appears but commit remains unsigned

jming
jming
Community Member
in SSH

I am trying to setup Git commit signing with SSH inside WSL2. I followed all the instructions for setting up 1Password SSH in WSL, and I can use my keys in 1Password totally fine using ssh.exe directly. I also followed the Git signing with SSH instructions, however my commits are not getting signed.

When I commit with -S, 1Password shows me the authorization prompt, and I accept it, but still my commits remain unsigned. I am using:

  • Windows 11 (build 22621.2861)
  • 1Password for Windows 8.10.22 (81022040)
  • SSH OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3.
  • WSL 2.0.9.0
    • (Linux) Git 2.34.1

To recap:

  • In WSL, ssh.exe -T git@git.sr.ht successfully shows me the 1Password SSH key auth prompt, and when I accept it, I am authenticated to git.sr.ht OK.

  • I have configured Git according to the "Configure Git Commit Signing" button in 1Password with "Configure for Windows Subsystem for Linux" checked, using the same SSH key as above

    • I double checked that gpg.ssh.program points to op-ssh-sign-wsl, that gpg.format is ssh, and that core.sshCommand is set to ssh.exe

  • git commit -m 'testing' -S shows the 1Password SSH prompt same as above, and when I accept, the commit succeeds

  • git log --show-signature says "No signature" on the commit if gpg.ssh.allowedSignersFile is unset, and says "Could not verify signature." if it is set to my (populated) signers file.
  • I pushed one of these commits to a forge and pulled it on another machine which confirmed that the commit in fact has no signature.

Am I doing something wrong? Any help would be greatly appreciated!

1Password Version: 8.10.22
Extension Version: Not Provided
OS Version: Windows 11 (build 22621.2861)
Browser: Not Provided

Comments

  • floris_1P
    floris_1P

    Could you check if the raw commit has a signature?

    git cat-file commit <commit-hash>

    If it does, then you should see:

    -----BEGIN SSH SIGNATURE-----
  • jming
    jming
    Community Member

    Thanks for the response! Yes, I do see an SSH signature when I run that command!

  • jming
    jming
    Community Member

    Could you help me understand why git log --show-signature is unable to show that the commit is signed, even though the signature appears with git cat-file?

This discussion has been closed.