编程知识 cdmana.com

GPG management submission signature verification

About submitting signature verification

You can sign, submit and mark locally , So that others can confirm that your work comes from a trusted source . If submitted or marked with password verifiable GPG or S/MIME Signature , be GitHub Submit or mark as verified .

If the submission or token has an unverifiable signature , be GitHub Submit or mark as unverified .

img

install GPG Command line tools

GPG Not installed by default on OS X or Windows On . To install GPG Command line tools , see also GnuPG Download page .

It can also be used. too Homebrew To install brew install gnupg

Check the existing GPG secret key

It's generating GPG Before the key , You can check if there are any existing GPG secret key .

$ gpg --list-secret-keys --keyid-format LONG

Check the command output to see if there is GPG Key pair .

Generate a new GPG secret key

If there is no existing GPG secret key , You can generate new GPG Key for signature submission and marking .

  1. Generate GPG Key pair

    $ gpg --full-generate-key
     Copy code 
  2. When prompted , Specify the type of key to generate , Or by Enter The key accepts the default RSA and RSA.

  3. Enter the required key length . The key must be at least 4096 position .

  4. Enter the valid duration of the key . Press Enter Key will specify the default selection , Indicates that the key will not expire .

  5. Verify that your choice is correct .

  6. Enter your user ID Information .

  7. Enter the security code .

  8. List the people whose public and private keys you have GPG secret key . Private key required for signature submission or marking . In this case ,GPG secret key ID yes 0B4436F611DCD0EC

    $ gpg --list-secret-keys --keyid-format LONG
     /Users/xsky/.gnupg/pubring.kbx
     ------------------------------
     sec   rsa4096/0B4436F611DCD0EC 2021-01-06 [SC]
           B9476F6DF471A45A0CFDF9710B4436F611DCD0EC
     uid                 [  absolute  ] linsheng (Github key) <[email protected]>
     ssb   rsa4096/15B24F4064D2384D 2021-01-06 [E]
     Copy code 
  9. Generate GPG The key

    $ gpg --armor --export 0B4436F611DCD0EC
     Copy code 
  10. Copy GPG secret key , from -----BEGIN PGP PUBLIC KEY BLOCK----- Start , To -----END PGP PUBLIC KEY BLOCK----- end .

newly added GPG Key to GitHub account

You want to configure GitHub Use a new account ( Or existing )GPG secret key , You also need to add it to GitHub account .

  1. In the upper right corner of any page , Click your profile photo , And then click Settings( Set up ).

  2. In the user settings sidebar , single click SSH and GPG keys(SSH and GPG secret key ).

  3. single click New GPG key( new GPG secret key ).

  4. stay "Key"( secret key ) Field , Paste in Generate a new GPG secret key Copied when GPG secret key .

     Key field

  5. single click Add GPG key( add to GPG secret key ).

  6. To confirm the operation , Please enter your GitHub password .

Inform... Of your signature key Git

To sign the submission locally , You need notification Git You want to use GPG secret key .

1. stay Git Set in GPG Signature key , Please paste the following text , Replace the... You want to use GPG secret key ID. In this case ,GPG secret key ID yes 0B4436F611DCD0EC

$ git config --global user.signingkey 0B4436F611DCD0EC

  1. If not used GPG Suite, Please paste the text below to GPG Key added to your bash The configuration file :

    $ test -r ~/.bash_profile && echo 'export GPG_TTY=$(tty)' >> ~/.bash_profile
    $ echo 'export GPG_TTY=$(tty)' >> ~/.profile
     Copy code 

    ** notes :** If you don't .bash_profile, This command will GPG Key added to .profile.

  2. If you accidentally exit while encrypting , An error will be reported during encryption : error: gpg failed to sign the data, At this time to run gpgconf --kill gpg-agent restart gpg-agent

Sign the submission

have access to GPG Sign the submission locally . All submissions are signed by default in any local repository on the computer , Please run

$ git config --global commit.gpgsign true

To store GPG Key password , So that you don't have to enter this password every time you sign a submission , We recommend using the following tools :

  • about Mac user ,GPG Suite Allows you to Mac OS Stored in the key chain GPG Key password .
  • about Windows user ,Gpg4win Will work with others Windows Tool Integration .
  1. When changes are committed in the local branch , Please put S Logo added to git commit command :

    $ git commit -S -m your commit message

  2. If you use GPG, After creating the submission , Provide you Generate GPG secret key The password set when .

  3. After the creation submission is completed locally , Push it to GitHub Remote warehouse on :git push

  4. See more details about verified signatures , Please click on the Verified( Verified ).

     Signed submission

版权声明
本文为[dhyuan]所创,转载请带上原文链接,感谢
https://cdmana.com/2021/09/20210909122358665x.html

Scroll to Top