blog/gpg-git-part-1/ #970
blog/gpg-git-part-1/
#970
giscus[bot]
bot
Replies: 1 comment
-
|
Want to join in the discussion? You can do that in two ways! You can either authorize the giscus app to post on your behalf using the GitHub OAuth flow. Alternatively, you can comment in GitHub Discussions directly if you'd prefer not to grant access to the giscus app. Please keep the discussion on topic with the post. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
blog/gpg-git-part-1/
For a while now, I've been using GPG Keys to sign my Git Commits to prove that my commits on GitHub are genuine and from me. Over the last few weeks, I've been inspired by a couple of colleagues (Kudos to Adrian and Julie if you're reading this) to dig out my YubiKey and use these for my key signing activities. While there are several blog posts on the topic already, I encountered a number of roadblocks along the way. The intent of this blog post is to be the first of a series, where we'll explore what GPG is, why it may be valuable to you and how you can get going using them. We'll then take this forwards an additional step, and show how you can use YubiKeys as a second factor of verification and the benefits of this approach. By no means am I the world's expert in cryptography, and some of these topics, but I wanted to document my own understanding for posterity, as I'll inevitably need to repeat/review the process in the future. I hope that this may be useful to you.
https://www.cloudwithchris.com/blog/gpg-git-part-1/
Beta Was this translation helpful? Give feedback.
All reactions