Git Signature
A Git signature is a way to prove that a commit or tag was really created by you and has not been changed.
A Git signature is like signing your name on your work so everyone knows it really came from you.
Setup Git Signature
follow the commands:
Terminal
# Enable SSH format for signing
git config --global gpg.format ssh
# Add the SSH key as the signing key
git config --global user.signingkey ~/.ssh/[key-name].pub
# Enable automatic signing of commits
git config --global commit.gpgsign true- To get the
[key-name]
Terminal
ls -la ~/.sshLook for files ending in .pub Common names include:
id_ed25519.pub Or id_rsa.pub Then replace it in the [key-name].
Exemple:
Terminal
git config --global user.signingkey ~/.ssh/id_rsa.pubLocal Verification Configuration
Terminal
# Tell Git who is allowed to verify signatures
git config --global gpg.ssh.allowedSignersFile "~/.ssh/allowed_signers"
# Add your user information to the file to verify commits
echo "$(git config --get user.email) namespaces=\"git\" $(cat ~/.ssh/[key-name].pub)" >> ~/.ssh/allowed_signers
# Verify signatures in your commit logs
git log --show-signatureLast updated on