Created
December 13, 2023 14:39
-
-
Save jgarber623/5c5546742a6b9400e75c46723695e7e6 to your computer and use it in GitHub Desktop.
A minimal set of configuration to use an SSH key stored in 1Password with Git (and Dev Containers).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ~/.zprofile | |
| # | |
| # Rather than follow 1Password's recommendation to configure this in ~/.ssh/config, override | |
| # macOS' default SSH_AUTH_SOCK environment variable. In testing, this configuration allowed | |
| # for Visual Studio Code's Dev Containers extension to reliably connect to the host machine's | |
| # SSH agent. | |
| # | |
| # ~/.zprofile (or ~/.bash_profile) is the recommended location, but other files sourced | |
| # by your shell _might_ work. | |
| export SSH_AUTH_SOCK="${HOME}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ~/.gitconfig | |
| # | |
| # Ensure you have a current version of Git installed (v2.43.0 is known good). Commit signing | |
| # with SSH keys was added recently. | |
| [commit] | |
| gpgSign = true | |
| [gpg] | |
| format = ssh | |
| [gpg "ssh"] | |
| allowedSignersFile = ~/.ssh/allowed_signers | |
| [tag] | |
| gpgSign = true | |
| [user] | |
| name = FirstName LastName | |
| email = [email protected] | |
| signingKey = key::ssh-ed25519 <public_key_from_1password> | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ~/.ssh/allowed_signers | |
| # | |
| # You can add as many lines to this file as you'd like in the format detailed below. Maybe | |
| # add all of your teammates' public keys so that their signed Git commits will display as | |
| # verified when invoking commands like `git show --show-signature`, `git log --show-signature`, | |
| # etc. etc. etc. | |
| [email protected] ssh-ed25519 <public_key_from_1password> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In 1Password 8 (or newer), enable the following settings for maximum convenience:
Note
If you're migrating from an existing setup, you may want to disable, comment-out, or otherwise remove any existing configuration in
~/.ssh/config.Additionally, you may want (or need) to remove the
credential.helpersetting in~/.gitconfig. On macOS, this setting is often configured toosxkeychain.