本文来源：Moeomu的博客

关于GitHub GPG密钥验证

开启Commit签名

GitHub有个新的“警惕模式”，启用后GPG密钥需要签名认证的commit才会显示“Verity”，启用方法如下

• 首先创建GPG密钥（GitHub官方Docs有详细方法，不再赘述）
• 列出GPG密钥的特征码：gpg -K --keyid-format LONG，将keyid记录
• 告知git使用此GPG密钥：git config user.signingkey your_keyid
• 本地git的用户名和邮箱需要和GPG密钥生成时填入的相同：git config user.name name，git config user.email email
• 启用本地git的Commit签名：git config commit.gpgsign true
• Commit签名加入-S选项：git commit -S -m message

发生致命错误-无法Commit-macOS

问题如下，复现于macOS 11.3.1中

1
2

error: gpg failed to sign the data
fatal: failed to write commit object

macOS中的解决办法

• 更新&安装

1
2
3
4
5
6
7
8

brew upgrade gnupg  # This has a make step which takes a while
brew link --overwrite gnupg
brew install pinentry-mac
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
killall gpg-agent

git config --global gpg.program gpg  # perhaps you had this already? On linux maybe gpg2
git config --global commit.gpgsign true  # if you want to sign every commit

• 再次签名
• 查看commit状态：git log --show-signature -1