DEV Community

David Lun
David Lun

Posted on • Originally published at

How to configure 1Password SSH Key and automatically sign your commits on GitHub?

  • First generate ssh key using 1Password and save it in Vault. Optionally you can add your existing keys manually.

  • On 1Password Settings -> Developer check Use the SSH agent box.

  • Create allowed-signers file, Sublime Merge complains if it can't find this file and shows all commits as invalid.

mkdir -p /home/$(whoami)/config/git/
touch /home/$(whoami)/config/git/allowed-signers
Enter fullscreen mode Exit fullscreen mode
  • Update your local git configuration ~/.gitconfig
    format = ssh
[gpg "ssh"]
    program = /opt/1Password/op-ssh-sign
    allowedSignersFile = /home/user/config/git/allowed-signers
    gpgsign = true
    signingKey = ssh-ed25519 pubkey
    name = Your name
    email =
    defaultBranch = main
Enter fullscreen mode Exit fullscreen mode
  • Update local SSH configuration to use 1Password's SSH agent for all hosts ~/.ssh/config
Host *
        IdentityAgent ~/.1password/agent.sock
Enter fullscreen mode Exit fullscreen mode
  • Finally Add your public key to your GitHub account Settings -> SSH and GPG keys -> Signing keys

1Password will pop-up to authorize the use of your private key and if you generated your private key in the app it is never saved on the computer.

Top comments (0)