SSH Signing
As added on version 2.34.0 of git (https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.34.0.txt)
You can now sign commits with SSH Keys. Having support for this could be interesting to promote commit signing.
It does require OpenSSH 8.8, as in 8.7 is not working, this may be a limiting factor.
Comments: 24
-
09 Sep, '22
MattiaThis would be really helpful. Our org requires commit signing, and creating GPG key is way complex than creating SSH keys. Also because some password manager, like 1Password, now allow an easy SSH sign configuration.
-
09 Sep, '22
Mike ValstarI too would like to see this as it's now supported by 1password as well
-
23 Sep, '22
ShadowLoopI bought myself a license for GitKraken Pro over 4 or 5 years ago for use personally and for work (work wouldn't get me a license), and have been using GPG signing the entire time. My company has made the decision to force all employers to use SSH signing and as such is a deal breaker for me, as GitKraken changes repo config for GPG every time you switch profiles etc.
It would be great to be able to have a new option under GPG settings to ask what format to use (defaulted as gpg but allows ssh as a option), then ssh is selected the other options are still relevant (there is still a signing key needed, whether to sign commits and tags).
Don't mean to "solutionise", as a software engineer I can't help it when looking at something to imaging what is needed under the hood! 🤣
At the very least, perhaps a option in gitgraken to disable gpg altogether and leave it to what is configured in the git repo config and globally; does mean it wouldn't change per profile though. -
05 Nov, '22
Ilkka1Password makes this amazingly easy to set up and it's been working brilliantly for me with CLI git, magit, lazygit etc. Would love to see this supported -- hopefully in a way that just leverages my existing `~/.gitconfig` settings for it.
-
16 Nov, '22
KyleGitHub Enterprise Server just launched with support for SSH Key commit signing, would be great to be able to use this in our org.
GPG is a bit of a pain point due to support on Windows being a bit lackluster and annoying to setup. -
28 Dec, '22
DanGitLab also added support for SSH key commit signing https://docs.gitlab.com/ee/user/project/repository/ssh_signed_commits/
-
23 Jan, '23
Dirk BesterIf you cannot sign my commits using my Github signing key then using GitKraken is a nonstarter.
-
23 Jan, '23
AdamBump as request for this feature. Just started using 1password and would greatly prefer to not deal with GPG keys anymore and use SSH key signing instead.
-
27 Jan, '23
SamIs this seriously still not implemented? After switching my whole workflow over to SSH key signing, GitKraken is the only tool that doesn't support it. So guess what tool will be tossed aside until they can get with the times.
-
27 Jan, '23
SamOoof, it's even worse. Every time I try to open a repo, it overwrites my SSH signing key in ~/.gitconfig . Now GK is really unusable.
-
08 Feb, '23
DaveSame here
I've been a long time user of gitkraken - since version 2, but now I've had to shift my workflow over to "other" tooling due to the fact that they are so far behind on this one.
While the client has gotten slightly bloated over the years with features such as timeline (which was retired) - rather than adding new things like WSLg support - how about we get this one done first then work on other things?
Most git hosts are moving this way. Github and Gitlab both have it now and they are prob the biggest (outside of Azure DevOps / TFS) providers.
It's a real shame as I do love the client - it has the nicest interface to work with compared with "other" tooling that hides things behind extra clicks or menus for no apparent reason. -
21 Feb, '23
Stefan+1 from me too on this issue, would really love to see this in an upcoming update.
-
13 Mar, '23
Dana MisonThis has become a problem for me at work too.
-
24 Mar, '23
AaronPLEASE make this happen 🙏🏻🙏🏻🙏🏻
-
11 Apr, '23
Kostas ApostolopoulosI'm also blocked, using 1Password at work and this really grinds my gears
-
17 Apr, '23
AdamAnother bump for this feature request. It is baffling to me that GK still has not implemented this feature. Being able to use this + 1password would be a dream come true, but I might have to give up on GK if they don't get this integrated soon.
-
08 May, '23
IbaiI'd also love to have this. GK rn breaks my gitconfig each time I change profiles.
-
14 May, '23
DaveWe really need this..
I thought the inclusion of the switch to git from nodegit in experimental options would allow this
Unfortunately - it seems to completely ignore ~/.gitconfig -
28 Jun, '23
ChadWe really need this on our team as well. Even though my system is configured to automatically sign commits, GitKraken ignores the settings.. We'd really like to force signed commits on our repos AND use GitKraken. Is there an alternative software we can use that does support SSH signed commits?
-
07 Jul, '23
FranciscoPlease. Add this feature!
-
11 Jul, '23
Trevor AdminSSH signing is now supported with the release of GitKraken Client 9.6!
Signing commits with an SSH key is supported with the Git Executable feature enabled. In this release, commit signing will need to be configured in your gitconfig. Our team is working to add configuration options directly from Preferences in a future release.
For more details on SSH signing and the 9.6 release, visit our release notes: https://help.gitkraken.com/gitkraken-client/current/#version-9-6-0
Thank you for taking the time to provide feedback! Your input is greatly appreciated as we continue to improve GitKraken Client. -
12 Jul, '23
DaveYes!
I can finally return to my fav client
Thanks! -
12 Jul, '23
Ats UThanks!
2
> Note that actions that do not currently use the Git Executable (like rebasing) will still use GPG for signing.
When will rebase support signing with ssh key? -
14 Aug
paulvFYI rebasing is now supported through the Git Executable "experimental" feature as of GitKraken 9.13.0 (https://help.gitkraken.com/gitkraken-desktop/experimental-features/#features-using-the-git-executable) so SSH commit signing should be working in this way.
But personally I'm still waiting for the migration to Git Executable to be complete to migrate my workflow from GPG to SSH commit signing, because as of 10.2.0 git amend is still not supported. Using SSH commit signing right now could sometimes result in you pushing commits unsigned or signed using GPG (if maybe GitKraken falls back auto to GPG) if you are not careful of the signature of each of your commits after every action you take.