Add SSH signing #8028

Closed
opened 2025-11-02 07:51:34 -06:00 by GiteaMirror · 4 comments
Owner

Originally created by @ptman on GitHub (Oct 27, 2021).

Feature Description

Like GPG signing, but with SSH keys

https://github.com/git/git/pull/1041

Screenshots

No response

Originally created by @ptman on GitHub (Oct 27, 2021). ### Feature Description Like GPG signing, but with SSH keys https://github.com/git/git/pull/1041 ### Screenshots _No response_
GiteaMirror added the type/proposal label 2025-11-02 07:51:34 -06:00
Author
Owner

@unbeatable-101 commented on GitHub (Nov 16, 2021):

Git v2.34.0 is out now with support for this.

@unbeatable-101 commented on GitHub (Nov 16, 2021): Git v2.34.0 is out now with support for this.
Author
Owner

@melvincarvalho commented on GitHub (Nov 16, 2021):

Yes, I'm using it. It's great. Here's what it looks like currently on github:

image

https://github.com/melvincarvalho/melvincarvalho.com/commits/gh-pages

git verify-commit also works

I've mailed github support about changing that from unverified -> verified ... hopefully soon!

@melvincarvalho commented on GitHub (Nov 16, 2021): Yes, I'm using it. It's great. Here's what it looks like currently on github: ![image](https://user-images.githubusercontent.com/65864/142010765-5f464982-d829-4873-81d7-0aae95f5ad5c.png) https://github.com/melvincarvalho/melvincarvalho.com/commits/gh-pages git verify-commit also works I've mailed github support about changing that from unverified -> verified ... hopefully soon!
Author
Owner

@unbeatable-101 commented on GitHub (Nov 16, 2021):

If you click on the unverified you can see it is recognized as signed, just GitHub doesn't know how to read it.

GitHub supports GPG and S/MIME signatures. We don’t know what type of signature this is.

See also: https://github.com/github/feedback/discussions/7744

@unbeatable-101 commented on GitHub (Nov 16, 2021): If you click on the `unverified` you can see it is recognized as signed, just GitHub doesn't know how to read it. > GitHub supports GPG and S/MIME signatures. We don’t know what type of signature this is. See also: https://github.com/github/feedback/discussions/7744
Author
Owner

@42wim commented on GitHub (Nov 20, 2021):

I'm going to try and implement this.
Already created a library to create/verify those armored ssh signatures (https://github.com/42wim/sshsig)

@42wim commented on GitHub (Nov 20, 2021): I'm going to try and implement this. Already created a library to create/verify those armored ssh signatures (https://github.com/42wim/sshsig)
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#8028