Configuring Git commit signing with Remote Desktop Manager

Prerequisites

(Optional) Configuring OpenSSH for Windows

Using OpenSSH for Windows is highly recommended when using a signing key with a passphrase as we will want to load it with the RDM key agent. Otherwise we would be asked for the passphrase every time we commit which is very inconvenient.

  1. To install OpenSSH for Windows on Windows 11, go to System - Optional features.

  2. Check that OpenSSH Client is installed. Otherwise it can be found and installed with the blue button View features.

  3. Open the Services in Windows.

  4. Set the startup type of OpenSSH Authentication Agent to Automatic and start the service.Services in Windows

  5. Open the SSH key agent by clicking Tools - SSH Key Agent in the ribbon of Remote Desktop Manager.

  6. Set the mode to OpenSSH and start the agent.

Generate the SSH key

Generate the SSH key using the ssh-keygen.

ssh-keygen -t ed25519 -C "your_email@example.com"

Configuring the key for code signing

  1. Open the SSH Key Manager (local).

  2. Select the key and click on Use for Git commit signing.

  3.  The git commit signing window opens.

  4. Check both Sign commits by default and Configure Git to use OpenSSH for Windows.

    Git commit signing
    Git commit signing

  5.  The key needs to be added in the Git provider. To do so, open Github.

  6. Go to Settings - SSH and GPG keys.

  7. Click New SSH key.

    Settings - SSH and GPG keys - New SSH key
    Settings - SSH and GPG keys - New SSH key

  8. Signing key needs to be selected as the key type.

    Signing key needs to be selected as the key type
    Signing key needs to be selected as the key type

  9. Do a commit. If a passphrase is required to access the SSH key, it will be requested at that point.

  10. To verify that our commit is correctly signed, please refer to the Commits page on GitHub. Commits signed with a known key will display a Verified label.

Load the key in the SSH key agent

To avoid the need to type the passphrase for every commit, the key can be loaded into the key manager.

  1. In the SSH Key Manager (local), select the key and use the Load in SSH key agent option. An additional option is available to automatically load the key when the key agent starts.

  2. If the key has a passphrase, a prompt will appear to enter it when the key is loaded.

  3. Set up the environment to avoid enter the passphrase.

  4. To do so, import the key in a vault using the Save as entry action.

  5. On the entry, set the passphrase and check Save passphrase.

  6. Check Automatically load to SSH key agent in the SSH key agent.


Devolutions Forum logo Give us Feedback