GPG support? (like SSH)

XIII
XIII
Community Member
edited March 2023 in SSH

Would it be possible to add similar support for GPG keys?

Ā«1

Comments

  • Lucent
    Lucent
    Community Member

    Very interested in this as well.

  • smanojkarthick
    smanojkarthick
    Community Member

    I'm interested in this as well since we have to GPG keys for commit verification in our Github projects.

  • MaxRaab
    MaxRaab
    Community Member

    Iā€™d like to see this feature as well.

  • Hey folks! Love to see the enthusiasm here and we are definitely evaluating this to add going forward šŸ˜„ Stay tuned!

  • smanojkarthick
    smanojkarthick
    Community Member

    Great to hear! Thank you šŸ˜€

  • XIII
    XIII
    Community Member

    Excellent!

    (Like @smanojkarthick my main use case is signing commits on GitHub so that they become verified)

  • Lucent
    Lucent
    Community Member

    My use case isn't so much interacting with other certificates the way I do with SSH but storing them in a robust way, so even accepting other types that did nothing other than storage would be great. For example, ProtonMail and other certificates corresponding to email addresses. Currently, they're all lumped into one .asc as a document in 1Password along with a note of how the backup was created: gpg --output pgp_keys.asc --armor --export-secret-keys --export-options export-backup so anything would be an improvement over that.

  • XIII
    XIII
    Community Member

    Yes, just storing (and optionally showing some additional relevant fields within the 1Password GUI) would already be nice.

  • alexclst
    alexclst
    Community Member

    I would like to see this support as well. Not just for secret GPG keys, but actually it would be somewhat awesome if 1Password could completely replace the need for GPG Suite on my Mac (I mostly use GPG for Git commit signing, so don't have GPGMail installed) by supporting the storage of public keys as well.

  • Aitareko
    Aitareko
    Community Member

    Targeting at commit signing with git:
    Since git v2.34 it is possible to sign commits with ssh keys. Currently there is no verified badge on platforms like GitHub, but since git v2.34 was only released at the end of 2021, I think it should be supported on these platforms in the near future.

  • sullimander
    sullimander
    Community Member

    I would love to see this as a feature. Right now I primarily use GPG for git commit signing, and my key lives on an Yubikey, but I would love to have it live in 1Password, and not have to have GPG Suite installed on my Mac.

  • markdorison
    markdorison
    Community Member

    I would love to see this as well!

  • kormoc
    kormoc
    Community Member

    +1

  • rodneyt
    rodneyt
    Community Member

    +1 for GPG. As verified commit in Github requires I am using this several times daily.

  • ionos
    ionos
    Community Member

    +1

  • Kitforbes
    Kitforbes
    Community Member

    +1. This would be a great addition!

  • d12bb
    d12bb
    Community Member

    +1

  • nrfirth
    nrfirth
    Community Member

    I would really appreciate the ability to store and use GPG keys as well. I recently switched to signing git commits with SSH keys instead (though GitHub only just started implementing the ability to use SSH for verified commits in vigilant mode) and 1Password works great there! GPG in 1Password would be icing on the cake!

  • ag_tyler
    edited April 2022

    Hey @nrfirth - would you be willing to join our Developer Slack Workspace to chat with me about this more? You can join our Workspace here and then send me a DM (Tyler Durkin). I'd love to ask some additional questions if you have the time!

  • enawara
    enawara
    Community Member

    Really looking forward to that feature!
    I'm also using GPG keys to sign git commits to have verified commits, and I have configured the GPG to use Yubikey security key to access the private key. When I experienced the SSH workflow with 1Password, I think it will be awesome to have the same experience with GPG keys as well.

  • itsTyrion
    itsTyrion
    Community Member

    waiting for this too šŸ‘€

  • Michael Mercurio
    Michael Mercurio
    Community Member

    +1

  • usergp
    usergp
    Community Member
    edited July 2022

    +10^10

  • v1k0d3n
    v1k0d3n
    Community Member
    edited September 2022

    Would love to see this feature added. I can think of several use cases:
    1. Restoring keys (ssh/gpg) for developers when transitioning new laptops/workstations, etc.
    2. This gets around the issue that now GitLab is experiencing where they're getting a flood of requests for ssh signing support, specifically because 1Password added this feature. LINK to JIRA Open Ticket
    3. It could provide some great synergy between apps like GPG Keychain (for macOS) and 1Password for better/smoother development workflows.

    Would love to see where this feature goes...I would be all over it day one, and would even beta test if you want (or if this is possible).

  • XIII
    XIII
    Community Member

    Now that GitHub supports signing commits via SSH (and 1Password supports that too!) I no longer need GPG support...

  • v1k0d3n
    v1k0d3n
    Community Member

    GitHub isn't the only git repository provider. I'm trying to use it for GitLab, as an example.

  • aiguofer
    aiguofer
    Community Member

    I just had to switch to Mac for a new job and finding myself having to copy over my GPG keys... it took me quite a few tries to remember my key passphrase and would love to just store it in 1password, but it'd be great if I could store it along with my private keys so they can be easily used in different computers.

  • Hi @aiguofer:

    Thanks for sharing your feedback!

    @v1k0d3n:

    GitLab.com now supports SSH key commit signing as well: Sign commits with SSH keys | GitLab

    With that said, I can definitely see how GPG key management would be helpful as well.

    Jack

  • raphiel
    raphiel
    Community Member

    I also would appriciate to see the gpg support

  • Lucent
    Lucent
    Community Member
    edited January 2023

    Seems like interest is dwindling because many were using GPG for commit signing and SSH can do that as well now. Many of us still use GPG for encrypted communication and file storage.