Stack Overflow
Stack Overflow

Questions tagged [git-sign]

For issues related to signing tags and commits in [git]

Signing a tag or commit in Git is a method of verifying the author of that specific tag or commit using a private key.

External Links

17 questions
131
votes
11 answers

Git sign off previous commits?

I was wondering how to sign(-s) off previous commits that I have made in the past in git? CLARIFICATION: Git has confusingly similarly named concepts git commit -s, --signoff (lower case -s) and git commit -S, --gpg-sign (upper case -S). This…
camelCaseD
  • 2,483
  • 5
  • 29
  • 44
38
votes
2 answers

Sign git commits with GPG

Is there a way to sign git commits with gpg? It's so easy with tags (using -s instead of -a), it seems there would be a similar function for commits.
austin1howard
  • 4,815
  • 3
  • 20
  • 23
30
votes
3 answers

Disable enter passphrase for each commit

1. Summary I can't disable enter passphrase each time, how I make commit. 2. Environment Windows 10 Enterprise LTSB 64-bit EN, git 2.16.2.windows.1, gpg-agent (GnuPG) 2.2.4, gpg4win 3.0.3. 3. Steps to reproduce I install and set Gpg4win → I move…
Саша Черных
  • 2,561
  • 4
  • 25
  • 71
12
votes
3 answers

Commit signing using sourcetree on windows

Currently (13th Feb 2018) Sourcetree supports commit signing in Mac version only. And from this question (since 2013) commit signing still isn't available in Windows version. So is it possible to sign commit in Windows version of sourcetree?
theminer3746
  • 888
  • 13
  • 32
11
votes
1 answer

Signing Git Commits on Remote VSCode Session

I am currently developing code on a remote server by using Visual Studio Code's remote SSH feature to remotely edit code using VSCode that is running on my local machine. Local machine is on Mac OS X Catalina 10.15.5, while the remote server is…
Nyxynyx
  • 61,411
  • 155
  • 482
  • 830
10
votes
1 answer

What is a signed commit?

What does it mean to sign a commit in Git? Even after reading the documentation, I'm still a bit confused on how it works. If a commit is signed, does that mean we can tell whether or not the author name and email on a commit are accurate?
Stevoisiak
  • 23,794
  • 27
  • 122
  • 225
9
votes
1 answer

Support for signing tags and verifying signatures in Azure DevOps

Can't find any reference to the possibility to sign tags/verify signatures in Azure DevOps. Seems like you have to implement it yourself if you want to use it in Azure DevOps Pipelines. Am I missing something? Are there any plans in Azure DevOps to…
Jan
  • 93
  • 1
  • 4
7
votes
3 answers

Git commit error: cannot spawn gpg.exe: No such file or directory

This is what I am getting as output when I am trying to commit any file. I tried installing git again and watched some tutorials on youtube to get it started again but it didn't work. Still getting the same error: error: cannot spawn C:\Program…
Avinash Kumar
  • 71
  • 1
  • 5
5
votes
2 answers

Git sign commit somewhere in history

On a number of parts of the Internet (such as here), it is implied that git commits must be signed when being done or never. However, technically a signature on a commit is nothing more than a signature on the commit object (as shown here), that…
Ekleog
  • 1,054
  • 7
  • 19
4
votes
3 answers

GIT signed tags and passphrase

how can i make git auto enter my passphrase when i signed tags. is there an option like -- passphrase "my long passphrase", i did try using ssh-keygen but it did not help. the Repository is on local and everything is done locally.
Flan Alflani
  • 2,065
  • 3
  • 15
  • 17
3
votes
2 answers

What is the difference between git commit -S and -s?

I recently got to know about signed commits and they are recommended. We can sign commits locally with git commit -S. After that I read the git man page and there was an option called -s (used as git commit -s) and it said that option signs the…
Hyperx837
  • 773
  • 5
  • 13
2
votes
0 answers

How To Setup Git SSH Server To GPG Sign Git Push Requests?

I am trying to setup my private git SSH server to accept GPG-signed push requests. I have tried to follow Konstantin's instructions: https://people.kernel.org/monsieuricon/signed-git-pushes On my server machine I configured the config file of the…
T. Salim
  • 121
  • 2
  • 4
1
vote
0 answers

multiple signingkeys for one git profile

I wanna sign my git commits with yubikeys. For backup reasons I have two with a different key on each one. Now I want to sign my commits with the keys on the yubikey. Adding multiple keys to the web gui does not seem to be a problem, but I have…
Lithilion
  • 1,097
  • 2
  • 11
  • 26
0
votes
0 answers

How to verify good signature of a git signed tag without using command "git verify-tag"

I made a git signed tag, using this command: git tag -s Is there another alternatives to check the signature of this tag without using the command: git verify-tag or git tag -v ? My tag is signed locally on a git local repository…
Joker
  • 33
  • 7
0
votes
1 answer

Is there any way to set up an SSH config profile to perform GPG signing automatically?

My workplace has had me set up SSH git and GPG signing for my work. I have a few different GitHub accounts for different things, so I also have an SSH config set up in order to not have to do the same things over and over each time I set up/work on…
Mason Hicks
  • 13
  • 2
1
2