1

GitHub recently started supporting signing commits via SSH opposed to via GPG.

I created a SSH key specifically for signing commits, and added it to the ssh agent using ssh-add. I can see it when listing the public keys:

$ ssh-add -L
ecdsa-sha2-abc123 ABC123/abc123+abc123+abc123== (stdin)

However, git for some reason cannot find this key:

$ git config gpg.format ssh
$ git config user.signingKey 'ecdsa-sha2-abc123 ABC123/abc123+abc123+abc123=='        
$ git commit --allow-empty --message='signing using ssh!'
error: Couldn't load public key ecdsa-sha2-abc123 ABC123/abc123+abc123+abc123==: No such file or directory?

fatal: failed to write commit object

How come git cannot find the key which clearly is present in ssh-add?

gosuto
  • 5,422
  • 6
  • 36
  • 57
  • 1
    "*Alternatively it can contain a public key **prefixed with key::***" — emphasize mine. Without the prefix `key::` the content of the `user.signingKey` is considered a path to the key file. So you should fix `git config user.signingKey 'key::ecdsa-sha2-abc123 ABC123/abc123+abc123+abc123=='` See also [`git help config`](https://git-scm.com/docs/git-config#Documentation/git-config.txt-usersigningKey). – phd Aug 25 '22 at 10:23
  • 1
    @phd is right, if you want to do use the literal string, you'd need to prefix with `key::`; or alternatively, you could put in the file path of the key – [more explanation here](https://dev.to/li/correctly-telling-git-about-your-ssh-key-for-signing-commits-4c2c) – Neo Aug 27 '22 at 19:00

0 Answers0