SSH Set Up
This guide will show you how to:
- Use 1Password to store your private SSH credentials.
- Have a biometric security check whenever you commit or push.
- Have your personal and anonymous git account live side by side safely.
- Have signed commits.
📎 Wonderland provides paid 1Password accounts for every member of the org.
Requirements
- Install 1Password as an application on your computer.
Steps
1. Create a new SSH key
If you want a fresh start, create a new SSH key with the following steps:
Go to 1Password → New Item → SSH Key → Add Private Key → Generate a New Key
If you want to use your current SSH for this setup:
Go to 1Password → New Item → SSH Key → Add Private Key → Import a Key File
Do the above 2 times, to have both a personal and an anonymous SSH key (ONLY Mac/Linux).
2. Turn on the 1Password SSH agent
*If you are on Windows (Ubuntu WSL)* you will need to check if the OpenSSH Authentication Agent service is installed and disable it:
- Press Win+R and look for OpenSSH Authentication Agent in the list of services
- If you don't see it on the list, skip ahead.
- If you see it on the list, then double click on OpenSSH Authentication Agent, in the "Startup type" menu, choose "Disabled".
To turn on the SSH agent for any OS:
- Open 1Password app, click your account and choose Settings > Developer
- Select Set Up SSH Agent, then choose whether you want to display SSH key names when you authorise connections.
Test your connection:
- Windows (WSL)
ssh.exe -T git@github.com
- Mac / Linux
ssh -T git@github.com
3. Configure your git profile
- Windows (WSL)
- Create
~/.gitconfig
- Create
- Mac / Linux
The following files will make sure you automatically use your anon SSH key whenever inside
~/Code/wonderland
, and your one whenever inside~/Code/personal
. Make sure to adapt it to fit your needs. File:~/.gitconfig
File:~/.gitconfig-personal
File:~/.gitconfig-wonderland
To try this out, using the terminal, go to any git project inside~/Code/wonderland
and paste the following:That command should print your anonymous git information.git config --get user.name && git config --get user.email
4. Configure your SSH
-
Windows (WSL) No action required. (Optional) If you have multiple SSH keys within 1Password vaults, you can edit their priority order by editing the
agent.toml
file located atC:\Users\Mati\AppData\Local\1Password\config\ssh\agent.toml
# Wonderland Anon Github Token
[[ssh-keys]]
item = "Github Anon"
vault = "Private"
account = "Wonder Ltd."
# Personal Github Token
[[ssh-keys]]
item = "Github Personal"
vault = "Personal"
account = "<THE_1PASSWORD_ACCOUNT_WHERE_YOU_HAVE_YOUR_PERSONAL_SSH>" -
Mac / Linux File:
~/.config/1Password/ssh/agent.toml
File:~/.ssh/pub/personal_git.pub
File:~/.ssh/config
5. Configure your GitHub account
- Go to https://github.com/settings/keys.
- Make sure "Flag unsigned commits as unverified" is checked.
- Click on New SSH Key
- Title: 1Password Wonderland
- Key type: Authentication Key
- Key: Paste your anon SSH public key
- Click on New SSH Key
- Title: 1Password Wonderland
- Key type: Signing Key
- Key: Paste your anon SSH public key
Authentication keys are used whenever you push/pull. Signing keys are used whenever you commit. In this case, you want to have both be the same SSH key.
That's it!
Go ahead and try it out now.