Last active
November 4, 2023 15:22
-
-
Save paulmillr/2be0416b4bc3b6d98b885122dbe967f9 to your computer and use it in GitHub Desktop.
Revisions
-
paulmillr revised this gist
May 30, 2022 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -18,4 +18,6 @@ git config --global user.signingkey 'ssh-ed25519 AAAAC3N...' echo '[email protected] valid-after="20220501",valid-before="20220601" ssh-ed25519 AAAAC3N...' > ~/.ssh/allowed_signers eval "$(ssh-agent -s)" ``` - You need to have `~/.ssh/allowed_signers` file with **all keys**, otherwise, the `git log` will fail, which is a huge UX mess -
May 30, 2022 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,21 @@ # Sign git commits with ssh key - git version must be >= 2.34. Earlier versions don't support `gpg.format ssh` (signing commits with ssh keys). If you're printing signature keys in git log by using `%GK %GF %GP %GT` in `git.format.pretty`, earlier versions will **crash** when doing `git log` with following error: `BUG: gpg-interface.c:284: bad signature` - OpenSSH version must be >= 8.8. Earlier versions don't support `valid-after,valid-before` options. The setup is as following: ``` git config --global gpg.format ssh git config --global gpg.ssh.allowedSignersFile ~/.ssh/allowed_signers git config --global user.signingkey 'ssh-ed25519 AAAAC3N...' echo '[email protected] valid-after="20220501",valid-before="20220601" ssh-ed25519 AAAAC3N...' > ~/.ssh/allowed_signers eval "$(ssh-agent -s)" ```