On Fri, Sep 13, 2024 at 11:05 AM Phillip Wood <phillip.wood123@xxxxxxxxx> wrote: > > Hi Justin > > On 13/09/2024 10:58, Justin Su wrote: > > I use Secretive (https://github.com/maxgoedjen/secretive) to store my > > SSH keys on macOS. I've configured my ssh_config to use it as the > > IdentityAgent, and Git can push and pull just fine. > > > > However, it seems that Git ignores IdentityAgent when signing commits, > > resulting in the following error message: > > Git just runs "ssh -Y". I can reproduce this on linux - I suspect the > problem is that ssh does not read the IdentityAgent config when signing > even if it is outside a Host/Match in the config file. Agreed, this seems like a ssh-keygen limitation. I reproduced this directly with ssh-keygen on macOS. According to its man page, if you pass a public key for the `-f` option, then the private half needs to be available via ssh-agent. The man page doesn't mention SSH_AUTH_SOCK either, but I guess it's the best solution for my use case. > Best Wishes > > Phillip > > > error: No private key found for public key "foo.pub"? > > fatal: failed to write commit object > > > > I've worked around this by setting SSH_AUTH_SOCK, but this doesn't > > feel correct to me. Is this intended behaviour? > > > > Thanks, > > Justin > >
