With separate accounts (personal, work, demo) on the same machine, you can switch Git identity and SSH key automatically based on the repository’s directory.

1. Organize by directory. One folder per account:

~/github
├── /demo
├── /personal
└── /work

2. Global ~/.gitconfig with the default account and includeIf to override in the other folders:

[user]
  name = <personal_name>
  email = <personal_email>
  signingkey = <ssh_key>
[gpg]
  format = ssh
[gpg "ssh"]
  program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
[commit]
  gpgsign = true
[includeIf "gitdir:~/github/work"]
  path = ~/github/work/.gitconfig

3. One .gitconfig per folder (e.g. ~/github/work/.gitconfig) with that account’s [user]. It’s only loaded inside that directory.

4. ~/.ssh/config sets 1Password as the default SSH agent and one host per account pointing at github.com:

# 1Password as the SSH agent for all hosts
Host *
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

Host gh-work
    HostName github.com
    User git
    IdentityFile ~/.ssh/work_git.pub
    IdentitiesOnly yes

5. Point each repo’s remote at the right host:

git remote set-url origin gh-work:<org>/<repo>.git
git remote -v   # check
git fetch       # confirm the SSH key offered

With the keys in 1Password

When the keys live in 1Password — possibly across different accounts (personal, work, demo) — two pieces of the config above do all the work, and the private key never touches disk:

  • SSH authentication: the IdentityAgent line in Host * points the SSH client at 1Password’s agent socket. At authentication time (git fetch, git push), 1Password is the one that responds, offering the right private key and prompting for Touch ID approval. The IdentityFile in ~/.ssh/config points at the public key (.pub), which only lets the agent know which key of that account to use.
  • Commit signing: with gpg.format = ssh and gpg.ssh.program = op-ssh-sign, Git delegates signing to 1Password’s binary instead of GPG. Since commit.gpgsign = true, every commit is signed; each .gitconfig’s user.signingkey defines which SSH key signs in that directory. Result: the correct account authenticates and signs, with nothing to switch manually when you change folders.

Source: Working with multiple GitHub accounts and SSH keys — Andrew Stiefel