Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

Former Member's avatar
Former Member
3 years ago

Git Commit Signing with SSH Key (Unverified persists)

Hey,
I use the SSH function to save my Github SSH Key in 1Password.
I added an SSH key (https://github.com/settings/keys) with 1Password. 1Password created one SSH Key and automatically put the public key into the Github Public Key field. After that, I configured the commit signing and added the snippet (provided by 1Password) into my .gitignore.
From that moment on, I thought the signing process would work. But the "Unverified" badge on Github still persists.

After some research, I made further attempts like:
* Adding "-S" flag to git commit (https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
* Repeated the process described above
* Double-checked .gitignore

Nevertheless, the problem persists, and I cannot verify my git commits.

I hope you can help out.


1Password Version: 1Password for Mac 8.9.10 (80910043)
Extension Version: Not Provided
OS Version: MacOS 13.0.1
Browser:_ Not Provided

  • Former Member's avatar
    Former Member

    Jack_P_1P Thank you for this discussion. This also helped me when I was trying to contribute to 1Password's Open source. Finally , I can see Verified tag on the PR now 😀.

  • Jack_P_1P's avatar
    Jack_P_1P
    Icon for 1Password Team rank1Password Team

    Hey @ChristophBeckmann:

    You're very welcome, and I got caught up by the same thing when this first rolled out on GitHub. 🙂

    Please get in touch if there's anything we can help you with in the future!

    Jack

  • Former Member's avatar
    Former Member

    Hey Jack_P_1P,

    well, I'm feeling kind of stupid, but that was the missing part. I thought with Uploading the Authentication Keys Github would know my public key for signing as well.

    Thanks!

  • Jack_P_1P's avatar
    Jack_P_1P
    Icon for 1Password Team rank1Password Team

    Hi @ChristophBeckmann:

    Thanks for reaching out about this. Just to confirm, is your SSH public key added as both a signing and authentication key in GitHub's settings?

    Let me know.

    Jack

    • victoraldecoa's avatar
      victoraldecoa
      New Contributor

      Omg, I have been struggling with this for so long, I never realized GitHub's "New SSH key" had a "key type" field. Thank you so much!!

  • Former Member's avatar
    Former Member

    In addition, Github writes, when I click on the badge "Unverified": "Upload your public signing SSH key to verify your signature." But the public key has been entered into the field by 1Password on the one hand and on the other hand it is also in the .gitconfig.