Git Sign Commits With SSH

https://docs.gitlab.com/ee/user/project/repository/signed_commits/ssh.html

First, make sure that your public key is present in GitLab.

Get the MD5 fingerprint of your public key file:

ssh-keygen -Emd5 -lf ~/.ssh/id_ed25519.pub | rg '.*MD5:(\S+) .*' -r '$1'

In GitLab, navigate to Profile > SSH Keys, e.g. -/profile/keys, and look for the above MD5 fingerprint.

Next, tell git to always sign with your SSH key:

git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/id_ed25519.pub
git config --global commit.gpgsign true

Use a global allowed_signers file to verify commits locally:

touch ~/.ssh/allowed_signers
git config --global gpg.ssh.allowedSignersFile ~/.ssh/allowed_signers
echo "$(git config --get user.email) namespaces=\"git\" $(cat ~/.ssh/id_ed25519.pub)" >> ~/.ssh/allowed_signers

In some repo:

git commit
git log --show-signature