Git 使用 GPG 签名验证
source link: https://violarulan.github.io/blog/git-gpg-verify/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Programmer, Data Analyst and Gamer
Git 使用 GPG 签名验证
为了装逼可以在 Github 上面显示一个 Verified 的标签
下面是折腾步骤
生成 GPG Key
$ gpg --gen-key
gpg (GnuPG/MacGPG2) 2.0.28; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
# 选择 Key 种类,选择 1 或者 回车
Your selection? [ENTER]
RSA keys may be between 1024 and 4096 bits long.
# Key 长度
What keysize do you want? (2048) [ENTER]
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
# 过期时间
Key is valid for? (0) 0
Key expires at 日 6/11 22:33:50 2017 CST
# 检查正确
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: [姓名]
Email address: [邮箱]
Comment:
You selected this USER-ID:
"AAA "
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
# 输入密码
# 接下来可以等一会儿,可以在后台进行一些操作加快速度
# 可以参考 http://stackoverflow.com/questions/12257653/gpg-not-enough-random-bytes-available-please-do-some-other-work-to-give-the-o 中的一些操作
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key B5DB6617 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 3 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: next trustdb check due at 2017-06-11
pub 2048R/B5DB2387 xxxxxxxxx
# B5DB2387 这个一会儿还会要用到
Key fingerprint = XXXX XXXX XXXX ...
uid [ultimate] xxx
sub 2048R/1F4A9B85 xxxxxxxxx
启用 GPG
进入一个仓库 输入 git config commit.gpgsign true
启用 GPG Sign
也可以加入 --global
全局生效 git config --globall commit.gpgsign true
配置 Sign key
git config --global user.signingkey B5DB2387 #就是刚才记住的 Pub
这样本地就算基本配置完成了,现在添加到 Github
gpg --armor --export B5DB2387
吐出一坨东西,全部复制
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - https://gpgtools.org
****************************************************************
****************************************************************
****************************************************************
****************************************************************
-----END PGP PUBLIC KEY BLOCK-----
进入 https://github.com/settings/keys → New GPG Key
粘贴进去。
至此配置完成
在 commit 时
git commit -S -m "some description"
过程中可能需要生成密钥时的 passphrase。
Recommend
-
48
首先要安装好 GPG 工具。 $ brew install gnupg gnupg2 pinentry-mac 配置使用环境。 $ test -r ~/.bash_profile && echo 'expor...
-
9
GPG Sign Your Git Commits Posted: 2014-06-04 - Last updated: 2019-06-05 Tagged
-
3
使用GPG对Git Commit进行签名 发表于 2020-04-12 | 分类于 技术控 | 0...
-
10
安装Gpg4win前往官网下载并安装Gpg4win。 注意安装时一定要勾选
-
8
Learn Linux, Vim, Git, Tmux, Gpg and more
-
4
使用GPG key 对GITHUB 的commit 进行签名 哎哎3年前 (2018-01-10)知乎精选133 1:结果展示进行认证后...
-
7
由于 Git 的基于邮箱验证身份的特性,你可以十分轻松地伪造成为别人进行 Commit 。那如何保证这个 Commit 真的是开发者提交的呢?这时候就需要一个特殊的密钥——GPG key 进行认证了。关于 GPGGNU Privacy Guard(GnuPG 或 GPG)是一个密码学软件...
-
7
让你的 git commits 更安全。 生成 GPG Key# $ gpg --gen-key 生成时需要的信...
-
25
Git Using 1password Gpg And Git For Seamless Commit Signing ...
-
8
GPG and git on macOS Setup No need for homebrew or anything like that. Works with https://www.git-tower.com and the command line. Install
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK