====== signing git commits ======


See [[sw:gpg:forwarding]]


<code bash>
git config --global user.signingkey XXXXXXXXXXXXX
</code>

Enable signing of each commit by default:
<code bash>
git config --global commit.gpgsign true
</code>

===== signing and verifying =====

<code bash>
git verify commit <HASH>

gpg:                using RSA key XXXXXXXXXX
gpg: Good signature from "User <user@example.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: XXXX XXXX ...
</code>

See [[sw:gpg:trust_level]]