Git Enviroment
The most secure approach is to create a separate user account on your computer for your anonymous profile, completely isolating it from your personal one. This provides the strongest separation of concerns and security.
The following guide describes how to configure both profiles under a single user account if you choose not to create a separate user. However, be aware this is less secure than full user isolation.
This guide walks you through setting up dual Git environments on WSL2 - one for personal use and another for anonymous DeFi use. You'll learn how to:
- Configure separate Git profiles with different identities
- Generate and manage SSH keys for each profile
- Set up GPG signing for verified commits
- Structure your workspace for seamless profile switching
Prerequisites
- Windows with WSL2 installed and Ubuntu terminal
- Git installed on WSL2
- GnuPG installed (
sudo apt-get install gnupg)
Directory Structure Setup
Create separate directories for personal and DeFi development:
mkdir ~/personal
mkdir ~/defi
Git Profile Configuration
We’re going to mention your anon and personal email in the guide below, but keep in mind that Github creates a private email for you that can shield you from unwanted inquires.
Create Personal Profile
nano ~/.gitconfig-personal
Add the following configuration (replace with your details):
[user]
email = your.email@example.com
name = Your Name
signingkey = <gpg_key>
[commit]
gpgsign = true
Create DeFi Profile
nano ~/.gitconfig-defi
Add the following configuration:
[user]
email = your-anon@defi.sucks
name = 0xYourAlias
signingkey = <gpg_key>
[commit]
gpgsign = true
SSH Key Setup
Create SSH directories
mkdir -p ~/.ssh/personal
mkdir -p ~/.ssh/defi
Generate personal SSH key
ssh-keygen -t ed25519 -C "your.email@example.com"
When prompted:
- Save to:
/home/your_user/.ssh/personal/id_ed25519 - Set passphrase (optional)
Generate DeFi SSH key
ssh-keygen -t ed25519 -C "your-anon@defi.sucks"
When prompted:
- Save to:
/home/your_user/.ssh/defi/id_ed25519 - Set passphrase (optional)
Add SSH keys to GitHub
# View personal key
cat ~/.ssh/personal/id_ed25519.pub
# View DeFi key
cat ~/.ssh/defi/id_ed25519.pub
Add each public key to the corresponding GitHub account under Settings → SSH Keys
GPG Key Setup
Generate GPG key:
gpg --full-generate-key
Select:
- RSA and RSA (default)
- 3072 bits
- No expiration
- Set a password for commit signing
List your GPG keys
gpg --list-secret-keys --keyid-format=long
Note the key ID after sec rsa3072/
Export GPG key for GitHub
gpg --armor --export YOUR_KEY_ID
Add the output to GitHub under Settings → GPG Keys
Update your Git configs with the GPG key ID:
- Edit both
~/.gitconfig-personaland~/.gitconfig-defi - Add the key ID to the
signingkeyfield
Profile Integration
Create master Git config
nano ~/.gitconfig
Add:
[includeIf "gitdir:~/personal/"]
path = .gitconfig-personal
[includeIf "gitdir:~/defi/"]
path = .gitconfig-defi
[program]
pgp = /usr/bin/gpg
[core]
autocrlf = input
Configure SSH profiles
nano ~/.ssh/config
Add:
Host github-defi
HostName github.com
User git
IdentitiesOnly yes
IdentityFile ~/.ssh/defi/id_ed25519
Host github.com
HostName github.com
User git
IdentitiesOnly yes
IdentityFile ~/.ssh/personal/id_ed25519
Configure GPG for terminal
echo "export GPG_TTY=\\$(tty)" >> ~/.bash_profile
Usage
Cloning Repositories
For personal repos:
git clone git@github.com:owner/repo.git
For DeFi repos:
git clone git@github-defi:owner/repo.git
Verifying Setup
Test SSH connection:
# Personal
ssh -T git@github.com
# DeFi
ssh -T git@github-defi
Test GPG signing:
# Force GPG signing if not working
git config --global commit.gpgsign true
# Make a test commit and verify it shows as "verified" on GitHub
Troubleshooting
Commits aren't being signed
- Verify GPG key configuration:
git config --global --list | grep gpg
- Ensure GPG agent is running:
gpg-agent --daemon
- Test GPG signing:
echo "test" | gpg --clearsign
SSH authentication fails
- check SSH agent:
eval $(ssh-agent -s)
ssh-add ~/.ssh/personal/id_ed25519
ssh-add ~/.ssh/defi/id_ed25519
- Verify key permissions:
chmod 600 ~/.ssh/personal/id_ed25519
chmod 600 ~/.ssh/defi/id_ed25519