|
You are here |
navendu.me | ||
| | | | |
128bit.io
|
|
| | | | | GPG stands for GNU Privacy Guard, it's a public-key cryptography that can be used to digitally sign items like commits in Git. GPG provides a lot more functionality, but let's go into why you would want to digitally sign your Git commits. Git does not have any way to validate the author of a commit. When setting up a Git client on your system you are able to use any email address you desire. | |
| | | | |
danielms.site
|
|
| | | | | I build things and drink coffee. | |
| | | | |
melkat.blog
|
|
| | | | | Anyone can be anyone when it comes to commits. For example, here is a commit where ""Linus Torvalds"" deletes Linux. I put this document together for myself a while back, but I thought I would share it with other people who want a straightforward guide to setting up commit signing with GPG. | |
| | | | |
blog.josefsson.org
|
|
| | | [AI summary] The text discusses the setup and use of a YubiKey for OpenPGP operations, emphasizing the importance of an offline machine for security. It covers the process of generating keys, importing/exporting key pairs, and managing smartcard slots. The author also addresses common issues like repository configuration on Ubuntu and the use of gpg2 for key operations. The post includes user comments and discussions on topics such as key size limits, YubiKey versions, and best practices for key management. | ||