vcs:commit-signing
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
vcs:commit-signing [2021/04/01 14:18] – Feedback from Rowan Tommins; add FAQ; editorial corrections bishop | vcs:commit-signing [2021/04/01 16:48] (current) – improve documentation around key expiration bishop | ||
---|---|---|---|
Line 341: | Line 341: | ||
==== Do I need a passphrase? ==== | ==== Do I need a passphrase? ==== | ||
- | Yes. If you' | + | Yes. If your private key falls into the wrong hands, they' |
==== Should my key expire? ==== | ==== Should my key expire? ==== | ||
- | This guide created an immortal key (see step 2). If you are sufficiently paranoid and do not mind periodic bookkeeping, then by all means create a key that is short lived. An expired key acts like a deleted | + | This guide created an immortal key (see step 2), because //for this use case// [[https:// |
- | + | ||
- | As part of regular | + | |
+ | As part of regular security hygiene, however, consider creating a new key and replacing the old one at GitHub annually. | ||
Line 403: | Line 402: | ||
The '' | The '' | ||
+ | |||
+ | ==== Always show signatures in logs ==== | ||
+ | |||
+ | To always display signatures in commit logs, you can configure git to always display them by default | ||
+ | |||
+ | < | ||
+ | git config --global log.showSignature true | ||
+ | </ | ||
===== Thanks ===== | ===== Thanks ===== | ||
This guide was adapted, with permission, from internal developer documentation at [[https:// | This guide was adapted, with permission, from internal developer documentation at [[https:// |
vcs/commit-signing.txt · Last modified: 2021/04/01 16:48 by bishop