With separate accounts (personal, work, demo) on the same machine, you can switch Git identity and SSH key automatically based on the repository’s directory.
1. Organize by directory. One folder per account:
~/github
├── /demo
├── /personal
└── /work
2. Global ~/.gitconfig with the default account and includeIf to
override in the other folders:
[user]
name = <personal_name>
email = <personal_email>
signingkey = <ssh_key>
[gpg]
format = ssh
[gpg "ssh"]
program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
[commit]
gpgsign = true
[includeIf "gitdir:~/github/work"]
path = ~/github/work/.gitconfig
3. One .gitconfig per folder (e.g. ~/github/work/.gitconfig) with that
account’s [user]. It’s only loaded inside that directory.
4. ~/.ssh/config sets 1Password as the default SSH agent and one host per
account pointing at github.com:
# 1Password as the SSH agent for all hosts
Host *
IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
Host gh-work
HostName github.com
User git
IdentityFile ~/.ssh/work_git.pub
IdentitiesOnly yes
5. Point each repo’s remote at the right host:
git remote set-url origin gh-work:<org>/<repo>.git
git remote -v # check
git fetch # confirm the SSH key offered
With the keys in 1Password
When the keys live in 1Password — possibly across different accounts (personal, work, demo) — two pieces of the config above do all the work, and the private key never touches disk:
- SSH authentication: the
IdentityAgentline inHost *points the SSH client at 1Password’s agent socket. At authentication time (git fetch,git push), 1Password is the one that responds, offering the right private key and prompting for Touch ID approval. TheIdentityFilein~/.ssh/configpoints at the public key (.pub), which only lets the agent know which key of that account to use. - Commit signing: with
gpg.format = sshandgpg.ssh.program = op-ssh-sign, Git delegates signing to 1Password’s binary instead of GPG. Sincecommit.gpgsign = true, every commit is signed; each.gitconfig’suser.signingkeydefines which SSH key signs in that directory. Result: the correct account authenticates and signs, with nothing to switch manually when you change folders.
Source: Working with multiple GitHub accounts and SSH keys — Andrew Stiefel