<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>gpg - Tag - Coding Life Share</title><link>https://blog.xwi88.com/en/tags/gpg/</link><description>gpg - Tag - Coding Life Share</description><generator>Hugo -- gohugo.io</generator><language>en</language><managingEditor>278810732@qq.com (xwi88)</managingEditor><webMaster>278810732@qq.com (xwi88)</webMaster><copyright>This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.</copyright><lastBuildDate>Wed, 09 Mar 2022 12:31:34 +0800</lastBuildDate><atom:link href="https://blog.xwi88.com/en/tags/gpg/" rel="self" type="application/rss+xml"/><item><title>Signing Git Commits &amp; Tags with GPG</title><link>https://blog.xwi88.com/en/git-sign-tags-commits-with-gpg/</link><pubDate>Wed, 09 Mar 2022 12:31:34 +0800</pubDate><author>xwi88</author><guid>https://blog.xwi88.com/en/git-sign-tags-commits-with-gpg/</guid><description><![CDATA[<p>Using <em><a href="https://gnupg.org/" target="_blank" rel="noopener noreffer ">GPG</a></em> or <em><a href="https://docs.microsoft.com/en-us/exchange/security-and-compliance/smime-exo/smime-exo" target="_blank" rel="noopener noreffer ">S/MIME</a></em>, you can sign <em>tags</em> or <em>commits</em> locally. Those <em>tags</em>/<em>commits</em> are then marked as trusted on <em>GitHub</em>, so others can be confident the changes came from a trusted source.</p>
<blockquote>
<p><strong>Copyright notice</strong>: This is an original article by <strong><a href="https://github.com/xwi88" target="_blank" rel="noopener noreffer ">xwi88</a></strong>, licensed under <a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener noreffer ">CC BY-NC 4.0</a>. Commercial use is prohibited; please cite the source when reposting. Follow at <a href="https://github.com/xwi88" target="_blank" rel="noopener noreffer ">https://github.com/xwi88</a></p>
</blockquote>
<h2 id="enable-vigilant-mode">
    <a href="#enable-vigilant-mode" class="header-anchor" aria-label="Link to Enable vigilant mode"></a>Enable vigilant mode</h2>
<p>With <strong><a href="https://docs.github.com/en/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits#about-vigilant-mode" target="_blank" rel="noopener noreffer ">vigilant</a></strong> mode on, your own unsigned commits are flagged <strong>Unverified</strong>. This <strong>alerts you and others to potential authenticity issues</strong>. The author and committer of a Git commit are easily spoofed — someone could push a commit that claims to be yours but isn&rsquo;t.</p>
<blockquote>
<p>Path: <strong>Settings</strong>-&gt;<strong><a href="https://github.com/settings/keys" target="_blank" rel="noopener noreffer ">SSH and GPG keys</a></strong>&gt;<strong>Vigilant mode</strong>-&gt;select <strong>Flag unsigned commits as unverified</strong></p>
</blockquote>
<h2 id="gpg-command">
    <a href="#gpg-command" class="header-anchor" aria-label="Link to GPG Command"></a>GPG Command</h2>
<h3 id="man-gpg">
    <a href="#man-gpg" class="header-anchor" aria-label="Link to man gpg"></a><strong>man gpg</strong></h3>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">  1
</span><span class="lnt">  2
</span><span class="lnt">  3
</span><span class="lnt">  4
</span><span class="lnt">  5
</span><span class="lnt">  6
</span><span class="lnt">  7
</span><span class="lnt">  8
</span><span class="lnt">  9
</span><span class="lnt"> 10
</span><span class="lnt"> 11
</span><span class="lnt"> 12
</span><span class="lnt"> 13
</span><span class="lnt"> 14
</span><span class="lnt"> 15
</span><span class="lnt"> 16
</span><span class="lnt"> 17
</span><span class="lnt"> 18
</span><span class="lnt"> 19
</span><span class="lnt"> 20
</span><span class="lnt"> 21
</span><span class="lnt"> 22
</span><span class="lnt"> 23
</span><span class="lnt"> 24
</span><span class="lnt"> 25
</span><span class="lnt"> 26
</span><span class="lnt"> 27
</span><span class="lnt"> 28
</span><span class="lnt"> 29
</span><span class="lnt"> 30
</span><span class="lnt"> 31
</span><span class="lnt"> 32
</span><span class="lnt"> 33
</span><span class="lnt"> 34
</span><span class="lnt"> 35
</span><span class="lnt"> 36
</span><span class="lnt"> 37
</span><span class="lnt"> 38
</span><span class="lnt"> 39
</span><span class="lnt"> 40
</span><span class="lnt"> 41
</span><span class="lnt"> 42
</span><span class="lnt"> 43
</span><span class="lnt"> 44
</span><span class="lnt"> 45
</span><span class="lnt"> 46
</span><span class="lnt"> 47
</span><span class="lnt"> 48
</span><span class="lnt"> 49
</span><span class="lnt"> 50
</span><span class="lnt"> 51
</span><span class="lnt"> 52
</span><span class="lnt"> 53
</span><span class="lnt"> 54
</span><span class="lnt"> 55
</span><span class="lnt"> 56
</span><span class="lnt"> 57
</span><span class="lnt"> 58
</span><span class="lnt"> 59
</span><span class="lnt"> 60
</span><span class="lnt"> 61
</span><span class="lnt"> 62
</span><span class="lnt"> 63
</span><span class="lnt"> 64
</span><span class="lnt"> 65
</span><span class="lnt"> 66
</span><span class="lnt"> 67
</span><span class="lnt"> 68
</span><span class="lnt"> 69
</span><span class="lnt"> 70
</span><span class="lnt"> 71
</span><span class="lnt"> 72
</span><span class="lnt"> 73
</span><span class="lnt"> 74
</span><span class="lnt"> 75
</span><span class="lnt"> 76
</span><span class="lnt"> 77
</span><span class="lnt"> 78
</span><span class="lnt"> 79
</span><span class="lnt"> 80
</span><span class="lnt"> 81
</span><span class="lnt"> 82
</span><span class="lnt"> 83
</span><span class="lnt"> 84
</span><span class="lnt"> 85
</span><span class="lnt"> 86
</span><span class="lnt"> 87
</span><span class="lnt"> 88
</span><span class="lnt"> 89
</span><span class="lnt"> 90
</span><span class="lnt"> 91
</span><span class="lnt"> 92
</span><span class="lnt"> 93
</span><span class="lnt"> 94
</span><span class="lnt"> 95
</span><span class="lnt"> 96
</span><span class="lnt"> 97
</span><span class="lnt"> 98
</span><span class="lnt"> 99
</span><span class="lnt">100
</span><span class="lnt">101
</span><span class="lnt">102
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">gpg <span class="o">(</span>GnuPG<span class="o">)</span> 2.2.34
</span></span><span class="line"><span class="cl">libgcrypt 1.9.4
</span></span><span class="line"><span class="cl">Copyright <span class="o">(</span>C<span class="o">)</span> <span class="m">2022</span> g10 Code GmbH
</span></span><span class="line"><span class="cl">License GNU GPL-3.0-or-later &lt;https://gnu.org/licenses/gpl.html&gt;
</span></span><span class="line"><span class="cl">This is free software: you are free to change and redistribute it.
</span></span><span class="line"><span class="cl">There is NO WARRANTY, to the extent permitted by law.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Home: ~/.gnupg
</span></span><span class="line"><span class="cl">Supported algorithms:
</span></span><span class="line"><span class="cl">Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
</span></span><span class="line"><span class="cl">Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
</span></span><span class="line"><span class="cl">        CAMELLIA128, CAMELLIA192, CAMELLIA256
</span></span><span class="line"><span class="cl">Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
</span></span><span class="line"><span class="cl">Compression: Uncompressed, ZIP, ZLIB, BZIP2
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Syntax: gpg <span class="o">[</span>options<span class="o">]</span> <span class="o">[</span>files<span class="o">]</span>
</span></span><span class="line"><span class="cl">Sign, check, encrypt or decrypt
</span></span><span class="line"><span class="cl">Default operation depends on the input data
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Commands:
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> -s, --sign                         make a signature
</span></span><span class="line"><span class="cl">     --clear-sign                   make a clear text signature
</span></span><span class="line"><span class="cl"> -b, --detach-sign                  make a detached signature
</span></span><span class="line"><span class="cl"> -e, --encrypt                      encrypt data
</span></span><span class="line"><span class="cl"> -c, --symmetric                    encryption only with symmetric cipher
</span></span><span class="line"><span class="cl"> -d, --decrypt                      decrypt data <span class="o">(</span>default<span class="o">)</span>
</span></span><span class="line"><span class="cl">     --verify                       verify a signature
</span></span><span class="line"><span class="cl"> -k, --list-keys                    list keys
</span></span><span class="line"><span class="cl">     --list-signatures              list keys and signatures
</span></span><span class="line"><span class="cl">     --check-signatures             list and check key signatures
</span></span><span class="line"><span class="cl">     --fingerprint                  list keys and fingerprints
</span></span><span class="line"><span class="cl"> -K, --list-secret-keys             list secret keys
</span></span><span class="line"><span class="cl">     --generate-key                 generate a new key pair
</span></span><span class="line"><span class="cl">     --quick-generate-key           quickly generate a new key pair
</span></span><span class="line"><span class="cl">     --quick-add-uid                quickly add a new user-id
</span></span><span class="line"><span class="cl">     --quick-revoke-uid             quickly revoke a user-id
</span></span><span class="line"><span class="cl">     --quick-set-expire             quickly <span class="nb">set</span> a new expiration date
</span></span><span class="line"><span class="cl">     --full-generate-key            full featured key pair generation
</span></span><span class="line"><span class="cl">     --generate-revocation          generate a revocation certificate
</span></span><span class="line"><span class="cl">     --delete-keys                  remove keys from the public keyring
</span></span><span class="line"><span class="cl">     --delete-secret-keys           remove keys from the secret keyring
</span></span><span class="line"><span class="cl">     --quick-sign-key               quickly sign a key
</span></span><span class="line"><span class="cl">     --quick-lsign-key              quickly sign a key locally
</span></span><span class="line"><span class="cl">     --quick-revoke-sig             quickly revoke a key signature
</span></span><span class="line"><span class="cl">     --sign-key                     sign a key
</span></span><span class="line"><span class="cl">     --lsign-key                    sign a key locally
</span></span><span class="line"><span class="cl">     --edit-key                     sign or edit a key
</span></span><span class="line"><span class="cl">     --change-passphrase            change a passphrase
</span></span><span class="line"><span class="cl">     --export                       <span class="nb">export</span> keys
</span></span><span class="line"><span class="cl">     --send-keys                    <span class="nb">export</span> keys to a keyserver
</span></span><span class="line"><span class="cl">     --receive-keys                 import keys from a keyserver
</span></span><span class="line"><span class="cl">     --search-keys                  search <span class="k">for</span> keys on a keyserver
</span></span><span class="line"><span class="cl">     --refresh-keys                 update all keys from a keyserver
</span></span><span class="line"><span class="cl">     --import                       import/merge keys
</span></span><span class="line"><span class="cl">     --card-status                  print the card status
</span></span><span class="line"><span class="cl">     --edit-card                    change data on a card
</span></span><span class="line"><span class="cl">     --change-pin                   change a card<span class="err">&#39;</span>s PIN
</span></span><span class="line"><span class="cl">     --update-trustdb               update the trust database
</span></span><span class="line"><span class="cl">     --print-md                     print message digests
</span></span><span class="line"><span class="cl">     --server                       run in server mode
</span></span><span class="line"><span class="cl">     --tofu-policy VALUE            <span class="nb">set</span> the TOFU policy <span class="k">for</span> a key
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Options controlling the diagnostic output:
</span></span><span class="line"><span class="cl"> -v, --verbose                      verbose
</span></span><span class="line"><span class="cl"> -q, --quiet                        be somewhat more quiet
</span></span><span class="line"><span class="cl">     --options FILE                 <span class="nb">read</span> options from FILE
</span></span><span class="line"><span class="cl">     --log-file FILE                write server mode logs to FILE
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Options controlling the configuration:
</span></span><span class="line"><span class="cl">     --default-key NAME             use NAME as default secret key
</span></span><span class="line"><span class="cl">     --encrypt-to NAME              encrypt to user ID NAME as well
</span></span><span class="line"><span class="cl">     --group SPEC                   <span class="nb">set</span> up email aliases
</span></span><span class="line"><span class="cl">     --openpgp                      use strict OpenPGP behavior
</span></span><span class="line"><span class="cl"> -n, --dry-run                      <span class="k">do</span> not make any changes
</span></span><span class="line"><span class="cl"> -i, --interactive                  prompt before overwriting
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Options controlling the output:
</span></span><span class="line"><span class="cl"> -a, --armor                        create ascii armored output
</span></span><span class="line"><span class="cl"> -o, --output FILE                  write output to FILE
</span></span><span class="line"><span class="cl">     --textmode                     use canonical text mode
</span></span><span class="line"><span class="cl"> -z N                               <span class="nb">set</span> compress level to N <span class="o">(</span><span class="m">0</span> disables<span class="o">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Options controlling key import and export:
</span></span><span class="line"><span class="cl">     --auto-key-locate MECHANISMS   use MECHANISMS to locate keys by mail address
</span></span><span class="line"><span class="cl">     --disable-dirmngr              disable all access to the dirmngr
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Options to specify keys:
</span></span><span class="line"><span class="cl"> -r, --recipient USER-ID            encrypt <span class="k">for</span> USER-ID
</span></span><span class="line"><span class="cl"> -u, --local-user USER-ID           use USER-ID to sign or decrypt
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="o">(</span>See the man page <span class="k">for</span> a <span class="nb">complete</span> listing of all commands and options<span class="o">)</span>
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Examples:
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"> -se -r Bob <span class="o">[</span>file<span class="o">]</span>          sign and encrypt <span class="k">for</span> user Bob
</span></span><span class="line"><span class="cl"> --clear-sign <span class="o">[</span>file<span class="o">]</span>        make a clear text signature
</span></span><span class="line"><span class="cl"> --detach-sign <span class="o">[</span>file<span class="o">]</span>       make a detached signature
</span></span><span class="line"><span class="cl"> --list-keys <span class="o">[</span>names<span class="o">]</span>        show keys
</span></span><span class="line"><span class="cl"> --fingerprint <span class="o">[</span>names<span class="o">]</span>      show fingerprints
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Please report bugs to &lt;https://bugs.gnupg.org&gt;.
</span></span></code></pre></td></tr></table>
</div>
</div><h3 id="gpg-shell-command">
    <a href="#gpg-shell-command" class="header-anchor" aria-label="Link to gpg shell command"></a><strong>gpg shell command</strong></h3>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt"> 1
</span><span class="lnt"> 2
</span><span class="lnt"> 3
</span><span class="lnt"> 4
</span><span class="lnt"> 5
</span><span class="lnt"> 6
</span><span class="lnt"> 7
</span><span class="lnt"> 8
</span><span class="lnt"> 9
</span><span class="lnt">10
</span><span class="lnt">11
</span><span class="lnt">12
</span><span class="lnt">13
</span><span class="lnt">14
</span><span class="lnt">15
</span><span class="lnt">16
</span><span class="lnt">17
</span><span class="lnt">18
</span><span class="lnt">19
</span><span class="lnt">20
</span><span class="lnt">21
</span><span class="lnt">22
</span><span class="lnt">23
</span><span class="lnt">24
</span><span class="lnt">25
</span><span class="lnt">26
</span><span class="lnt">27
</span><span class="lnt">28
</span><span class="lnt">29
</span><span class="lnt">30
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">gpg&gt; <span class="nb">help</span>
</span></span><span class="line"><span class="cl">quit        quit this menu
</span></span><span class="line"><span class="cl">save        save and quit
</span></span><span class="line"><span class="cl"><span class="nb">help</span>        show this <span class="nb">help</span>
</span></span><span class="line"><span class="cl">fpr         show key fingerprint
</span></span><span class="line"><span class="cl">grip        show the keygrip
</span></span><span class="line"><span class="cl">list        list key and user IDs
</span></span><span class="line"><span class="cl">uid         <span class="k">select</span> user ID N
</span></span><span class="line"><span class="cl">key         <span class="k">select</span> subkey N
</span></span><span class="line"><span class="cl">check       check signatures
</span></span><span class="line"><span class="cl">sign        sign selected user IDs <span class="o">[</span>* see below <span class="k">for</span> related commands<span class="o">]</span>
</span></span><span class="line"><span class="cl">lsign       sign selected user IDs locally
</span></span><span class="line"><span class="cl">tsign       sign selected user IDs with a trust signature
</span></span><span class="line"><span class="cl">nrsign      sign selected user IDs with a non-revocable signature
</span></span><span class="line"><span class="cl">deluid      delete selected user IDs
</span></span><span class="line"><span class="cl">delkey      delete selected subkeys
</span></span><span class="line"><span class="cl">delsig      delete signatures from the selected user IDs
</span></span><span class="line"><span class="cl">pref        list preferences <span class="o">(</span>expert<span class="o">)</span>
</span></span><span class="line"><span class="cl">showpref    list preferences <span class="o">(</span>verbose<span class="o">)</span>
</span></span><span class="line"><span class="cl">trust       change the ownertrust
</span></span><span class="line"><span class="cl">revsig      revoke signatures on the selected user IDs
</span></span><span class="line"><span class="cl"><span class="nb">enable</span>      <span class="nb">enable</span> key
</span></span><span class="line"><span class="cl">disable     disable key
</span></span><span class="line"><span class="cl">showphoto   show selected photo IDs
</span></span><span class="line"><span class="cl">clean       compact unusable user IDs and remove unusable signatures from key
</span></span><span class="line"><span class="cl">minimize    compact unusable user IDs and remove all signatures from key
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">* The <span class="s1">&#39;sign&#39;</span> <span class="nb">command</span> may be prefixed with an <span class="s1">&#39;l&#39;</span> <span class="k">for</span> <span class="nb">local</span> signatures <span class="o">(</span>lsign<span class="o">)</span>,
</span></span><span class="line"><span class="cl">  a <span class="s1">&#39;t&#39;</span> <span class="k">for</span> trust signatures <span class="o">(</span>tsign<span class="o">)</span>, an <span class="s1">&#39;nr&#39;</span> <span class="k">for</span> non-revocable signatures
</span></span><span class="line"><span class="cl">  <span class="o">(</span>nrsign<span class="o">)</span>, or any combination thereof <span class="o">(</span>ltsign, tnrsign, etc.<span class="o">)</span>.
</span></span></code></pre></td></tr></table>
</div>
</div><h2 id="gpg-key-generation--config">
    <a href="#gpg-key-generation--config" class="header-anchor" aria-label="Link to GPG key generation &amp; config"></a>GPG key generation &amp; config</h2>
<div class="details admonition note open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-pencil-alt fa-fw" aria-hidden="true"></i>Note<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content">GPG does not come installed by default on macOS or Windows. To install GPG command line tools, see <a href="https://www.gnupg.org/download/" target="_blank" rel="noopener noreffer ">GnuPG&rsquo;s Download page</a>.</div>
        </div>
    </div>
<h3 id="existing-gpg-keys">
    <a href="#existing-gpg-keys" class="header-anchor" aria-label="Link to Existing GPG keys"></a><em>Existing GPG keys</em></h3>
<p><code>gpg --list-secret-keys --keyid-format=long</code></p>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">~/.gnupg/pubring.kbx
</span></span><span class="line"><span class="cl">-----------------------------------
</span></span><span class="line"><span class="cl">sec   rsa4096/325ACD1FD3B6AA80 2022-03-07 [SC] [expires: 2024-03-06]
</span></span><span class="line"><span class="cl">      1F11E9A019E23C53C11C8D4C325ACD1FD3B6AA80
</span></span><span class="line"><span class="cl">uid                 [ultimate] xwi88 &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><ul>
<li><em>the GPG key ID</em>: <strong>325ACD1FD3B6AA80</strong></li>
</ul>
</div>
        </div>
    </div>
<h3 id="generate-a-new-gpg-key">
    <a href="#generate-a-new-gpg-key" class="header-anchor" aria-label="Link to Generate a new GPG key"></a>Generate a new <em>GPG key</em></h3>
<blockquote>
<p>If an old GPG key already exists, you don&rsquo;t need to generate a new one!</p>
</blockquote>
<p><code>gpg --default-new-key-algo rsa4096 --gen-key</code></p>
<div class="details admonition tip open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-lightbulb fa-fw" aria-hidden="true"></i>Tip<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><p>Algorithms <em>github</em> supports for generating <em>gpg keys</em></p>
<ul>
<li><strong>RSA</strong></li>
<li>ElGamal</li>
<li>DSA</li>
<li>ECDH</li>
<li>ECDSA</li>
<li>EdDSA</li>
</ul>
</div>
        </div>
    </div>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><p><code>gpg --default-new-key-algo rsa4096 --gen-key</code></p>
<ul>
<li>Real name: <code>tmp_gpg</code></li>
<li>Email address: <code>278810732@qq.com</code></li>
</ul>
<p>You selected this <strong>USER-ID</strong>:
&ldquo;tmp_gpg <a href="mailto:278810732@qq.com" rel="">278810732@qq.com</a>&rdquo;</p>
<ul>
<li>Change (N)ame, (E)mail, or (O)kay/(Q)uit? <code>O</code></li>
</ul>
<p>We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.</p>
<p>Note that this key cannot be used for encryption.  You may want to use
the command &ldquo;&ndash;edit-key&rdquo; to generate a subkey for this purpose.</p>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">pub   rsa4096 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      F09FC9FB34FA457ED2F7090AFE47519758053257
</span></span><span class="line"><span class="cl">uid                      tmp_gpg &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h3 id="latest-gpg-keys">
    <a href="#latest-gpg-keys" class="header-anchor" aria-label="Link to Latest GPG keys"></a>Latest <em>GPG keys</em></h3>
<p><code>gpg --list-secret-keys --keyid-format=long</code></p>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span><span class="lnt">6
</span><span class="lnt">7
</span><span class="lnt">8
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">-----------------------------------
</span></span><span class="line"><span class="cl">sec   rsa4096/325ACD1FD3B6AA80 2022-03-07 [SC] [expires: 2024-03-06]
</span></span><span class="line"><span class="cl">      1F11E9A019E23C53C11C8D4C325ACD1FD3B6AA80
</span></span><span class="line"><span class="cl">uid                 [ultimate] xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">sec   rsa4096/FE47519758053257 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      F09FC9FB34FA457ED2F7090AFE47519758053257
</span></span><span class="line"><span class="cl">uid                 [ultimate] tmp<span class="nb">_</span>gpg &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><h3 id="export-a-gpg-key">
    <a href="#export-a-gpg-key" class="header-anchor" aria-label="Link to Export a GPG key"></a>Export a <em>GPG key</em></h3>
<ul>
<li><code>gpg --armor --export FE47519758053257</code></li>
<li>or <code>gpg -a -o --export FE47519758053257</code></li>
</ul>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">-----BEGIN PGP PUBLIC KEY BLOCK-----
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">xxxxxxxxxxxxxxx
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">-----END PGP PUBLIC KEY BLOCK-----
</span></span></code></pre></td></tr></table>
</div>
</div><p>Export a <em>gpg public key</em> to a specific destination:</p>
<ul>
<li><code>gpg --export --armor [uid] &gt; gpgkey.pub.asc</code> <strong>export to file</strong> <em>uid: keyID/name/email</em></li>
<li><code>gpg --keyserver [keyserverAddress] --send-keys keyIDs</code> <em>export to a specific key server</em></li>
<li><code>gpg --send-keys keyIDs</code> <strong>export to the default key server</strong></li>
</ul>
<blockquote>
<p><strong>Output when exporting to the default key server</strong></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">output: gpg: sending key 90684042688CB9BE to hkps://keyserver.ubuntu.com
</span></span></code></pre></td></tr></table>
</div>
</div><h3 id="find-a-gpg-key">
    <a href="#find-a-gpg-key" class="header-anchor" aria-label="Link to Find a GPG key"></a>Find a <em>GPG key</em></h3>
<blockquote>
<p><strong>keyIDs</strong> may be: <em>name</em>, <strong>keyID</strong>, <em>email</em></p>
</blockquote>
<ul>
<li><code>gpg --keyserver keyserverAddress --search-keys keyIDs</code></li>
<li><code>gpg --search-keys keyIDs</code> <strong>search the default key server</strong></li>
</ul>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg --search-keys xwi88</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: data source: https://162.213.33.8:443
</span></span><span class="line"><span class="cl">(1)	xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">	  4096 bit RSA key 90684042688CB9BE, created: 2022-03-09
</span></span><span class="line"><span class="cl">Keys 1-1 of 1 for &#34;xwi88&#34;.  Enter number(s), N)ext, or Q)uit &gt; q
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><code>gpg --search-keys 90684042688CB9BE</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: data source: https://162.213.33.8:443
</span></span><span class="line"><span class="cl">(1)	xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">	  4096 bit RSA key 90684042688CB9BE, created: 2022-03-09
</span></span><span class="line"><span class="cl">Keys 1-1 of 1 for &#34;90684042688CB9BE&#34;.  Enter number(s), N)ext, or Q)uit &gt; q
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><code>gpg --search-keys 278810732@qq.com</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: data source: https://162.213.33.8:443
</span></span><span class="line"><span class="cl">(1)	xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">	  4096 bit RSA key 90684042688CB9BE, created: 2022-03-09
</span></span><span class="line"><span class="cl">Keys 1-1 of 1 for &#34;278810732@qq.com&#34;.  Enter number(s), N)ext, or Q)uit &gt; y
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h3 id="import-a-gpg-key">
    <a href="#import-a-gpg-key" class="header-anchor" aria-label="Link to Import a GPG key"></a>Import a <em>GPG key</em></h3>
<blockquote>
<p><strong>Key-server import</strong> — without an address it defaults to <code>hkps://keyserver.ubuntu.com</code> <strong>(your address may differ; this is local output)</strong></p>
</blockquote>
<ul>
<li><code>gpg --import [GPG public key]</code> <em>import from file</em></li>
<li><code>gpg --keyserver [keyserverAddress] --recv-keys keyIDs</code>  <em>import from key server</em></li>
<li><code>gpg --recv-keys keyIDs</code> <strong>import from the default key server</strong></li>
<li><code>gpg --refresh-keys</code> <em>update all keys from the key server</em></li>
</ul>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg --recv-keys 90684042688CB9BE</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: key 90684042688CB9BE: &#34;xwi88 &lt;278810732@qq.com&gt;&#34; not changed
</span></span><span class="line"><span class="cl">gpg: Total number processed: 1
</span></span><span class="line"><span class="cl">gpg:              unchanged: 1
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h3 id="secret-key-backup-export--import">
    <a href="#secret-key-backup-export--import" class="header-anchor" aria-label="Link to Secret-key backup, export &amp; import"></a>Secret-key backup, export &amp; import</h3>
<blockquote>
<p>Mainly for: <strong>sharing across your own machines</strong></p>
</blockquote>
<div class="details admonition warning open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-exclamation-triangle fa-fw" aria-hidden="true"></i>Warning<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><ul>
<li><strong>Never upload a secret key to a key server</strong></li>
<li><strong>Back up the secret-key file securely</strong></li>
<li><em>Secret-key file permission</em>: <code>600</code></li>
<li><em>Public-key file permission</em>: <code>644</code></li>
</ul>
</div>
        </div>
    </div>
<h4 id="export-a-secret-key">
    <a href="#export-a-secret-key" class="header-anchor" aria-label="Link to Export a secret key"></a>Export a secret key</h4>
<p><code>gpg -a -o test_secKey.asc --export-secret-keys keyID</code></p>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg -K</code> view local secret keys</p>
<p><code>gpg -a -o test_secKey.asc --export-secret-keys 1F11E9A019E23C53C11C8D4C325ACD1FD3B6AA80</code> export the secret key</p>
</blockquote>
</div>
        </div>
    </div>
<h4 id="import-a-secret-key">
    <a href="#import-a-secret-key" class="header-anchor" aria-label="Link to Import a secret key"></a>Import a secret key</h4>
<p><code>gpg --import secKeyFile</code></p>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg --import test_secKey.asc</code> import a secret key — same operation as importing a public key</p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: key 325ACD1FD3B6AA80: &#34;xwi88 &lt;278810732@qq.com&gt;&#34; not changed
</span></span><span class="line"><span class="cl">gpg: Total number processed: 1
</span></span><span class="line"><span class="cl">gpg:              unchanged: 1
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><code>gpg -K</code> view local secret keys</p>
</blockquote>
</div>
        </div>
    </div>
<h3 id="key-revocation">
    <a href="#key-revocation" class="header-anchor" aria-label="Link to Key revocation"></a><strong>Key revocation</strong></h3>
<p><em>After generating a new key pair, if other key pairs are no longer used, publish a revocation certificate immediately to declare the old public key invalid and prevent malicious use.</em></p>
<blockquote>
<p><code>gpg --output test_revoke.asc --gen-revoke keyID</code></p>
<p><code>gpg --import test_revoke.asc</code> import the revocation certificate</p>
<p><code>gpg --send-keys keyID</code> send the revocation certificate to the server, declaring the original <em>GPG Key</em> revoked</p>
</blockquote>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg --output test_revoke.asc --gen-revoke 325ACD1FD3B6AA80</code></p>
<p>or <code>gpg --output test_revoke.asc --generate-revocation 325ACD1FD3B6AA80</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt"> 1
</span><span class="lnt"> 2
</span><span class="lnt"> 3
</span><span class="lnt"> 4
</span><span class="lnt"> 5
</span><span class="lnt"> 6
</span><span class="lnt"> 7
</span><span class="lnt"> 8
</span><span class="lnt"> 9
</span><span class="lnt">10
</span><span class="lnt">11
</span><span class="lnt">12
</span><span class="lnt">13
</span><span class="lnt">14
</span><span class="lnt">15
</span><span class="lnt">16
</span><span class="lnt">17
</span><span class="lnt">18
</span><span class="lnt">19
</span><span class="lnt">20
</span><span class="lnt">21
</span><span class="lnt">22
</span><span class="lnt">23
</span><span class="lnt">24
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/325ACD1FD3B6AA80 2022-03-07 xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Create a revocation certificate for this key? (y/N) y
</span></span><span class="line"><span class="cl">Please select the reason for the revocation:
</span></span><span class="line"><span class="cl">  0 = No reason specified
</span></span><span class="line"><span class="cl">  1 = Key has been compromised
</span></span><span class="line"><span class="cl">  2 = Key is superseded
</span></span><span class="line"><span class="cl">  3 = Key is no longer used
</span></span><span class="line"><span class="cl">  Q = Cancel
</span></span><span class="line"><span class="cl">(Probably you want to select 1 here)
</span></span><span class="line"><span class="cl">Your decision? 3
</span></span><span class="line"><span class="cl">Enter an optional description; end it with an empty line:
</span></span><span class="line"><span class="cl">&gt;
</span></span><span class="line"><span class="cl">Reason for revocation: Key is no longer used
</span></span><span class="line"><span class="cl">(No description given)
</span></span><span class="line"><span class="cl">Is this okay? (y/N) y
</span></span><span class="line"><span class="cl">ASCII armored output forced.
</span></span><span class="line"><span class="cl">Revocation certificate created.
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Please move it to a medium which you can hide away; if Mallory gets
</span></span><span class="line"><span class="cl">access to this certificate he can use it to make your key unusable.
</span></span><span class="line"><span class="cl">It is smart to print this certificate and store it away, just in case
</span></span><span class="line"><span class="cl">your media become unreadable.  But have some caution:  The print system of
</span></span><span class="line"><span class="cl">your machine might store the data and make it available to others!
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><code>gpg --import test_revoke.asc</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span><span class="lnt">6
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: key 325ACD1FD3B6AA80: &#34;xwi88 &lt;278810732@qq.com&gt;&#34; revocation certificate imported
</span></span><span class="line"><span class="cl">gpg: Total number processed: 1
</span></span><span class="line"><span class="cl">gpg:    new key revocations: 1
</span></span><span class="line"><span class="cl">gpg: marginals needed: 3  completes needed: 1  trust model: pgp
</span></span><span class="line"><span class="cl">gpg: depth: 0  valid:   3  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 3u
</span></span><span class="line"><span class="cl">gpg: next trustdb check due at 2024-03-06
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><code>gpg --send-keys 325ACD1FD3B6AA80</code></p>
<p><code>gpg --search-keys 325ACD1FD3B6AA80</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">gpg: data source: https://162.213.33.8:443
</span></span><span class="line"><span class="cl">gpg: key &#34;325ACD1FD3B6AA80&#34; not found on keyserver
</span></span><span class="line"><span class="cl">gpg: keyserver search failed: Not found
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h3 id="delete-keys">
    <a href="#delete-keys" class="header-anchor" aria-label="Link to Delete keys"></a>Delete keys</h3>
<ul>
<li><code>gpg --delete-secret-keys keyID</code> <strong>delete this first</strong></li>
<li><code>gpg --delete-keys keyID</code></li>
</ul>
<h2 id="restart-the-gpg-agent">
    <a href="#restart-the-gpg-agent" class="header-anchor" aria-label="Link to Restart the GPG Agent"></a>Restart the GPG Agent</h2>
<blockquote>
<p>GPG restarts it on demand</p>
</blockquote>
<p><code>gpgconf --kill gpg-agent</code></p>
<h2 id="configure-git-to-use-gpg">
    <a href="#configure-git-to-use-gpg" class="header-anchor" aria-label="Link to Configure git to use GPG"></a>Configure git to use GPG</h2>
<h3 id="set-the-gpg-key">
    <a href="#set-the-gpg-key" class="header-anchor" aria-label="Link to Set the GPG key"></a>Set the <strong>GPG key</strong></h3>
<blockquote>
<ul>
<li>
<p>Copy the <strong>GPG key</strong> you want to use, <em>beginning with</em> <strong>&mdash;&ndash;BEGIN PGP PUBLIC KEY BLOCK&mdash;&ndash;</strong> and <em>ending with</em> <strong>&mdash;&ndash;END PGP PUBLIC KEY BLOCK&mdash;&ndash;</strong></p>
</li>
<li>
<p>Paste it into <em>github</em>: <strong>Settings</strong>-&gt;<strong>SSH and GPG keys</strong>-&gt;<strong>GPG keys</strong>. If the <em>key</em> already exists, ignore; otherwise create a new entry and paste.</p>
</li>
</ul>
</blockquote>
<h3 id="configure-the-gpg-key-used-for-signing">
    <a href="#configure-the-gpg-key-used-for-signing" class="header-anchor" aria-label="Link to Configure the GPG key used for signing"></a>Configure the <em>GPG key</em> used for signing</h3>
<blockquote>
<p>Mind whether you want this global; with a global config, an individual project can still override it! Replace <del>&ndash;global</del> with <strong>local</strong></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># global config</span>
</span></span><span class="line"><span class="cl">git config --global user.signingkey 325ACD1FD3B6AA80
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># configure your Git client to sign commits by default for a local repository, in Git versions 2.0.0 and above</span>
</span></span><span class="line"><span class="cl">git config --global commit.gpgsign <span class="nb">true</span>
</span></span></code></pre></td></tr></table>
</div>
</div><h3 id="create-a-signed-commit">
    <a href="#create-a-signed-commit" class="header-anchor" aria-label="Link to Create a signed commit"></a>Create a signed commit</h3>
<p><code>git commit -S -m &quot;your commit message&quot;</code></p>
<blockquote>
<p>If you&rsquo;ve set commits to be signed by default, you can also just:</p>
<p><code>git commit -m &quot;your commit message&quot;</code></p>
</blockquote>
<div class="details admonition warning open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-exclamation-triangle fa-fw" aria-hidden="true"></i>Warning<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><p>If your <strong>GPG key</strong> uses a <em>GPG key passphrase</em>, you&rsquo;ll need to enter your <em>passphrase</em> when committing.</p>
<p>You can store the <strong>GPG key passphrase</strong> to avoid entering it on every sign:</p>
<ul>
<li>Mac users, <strong><a href="https://gpgtools.org/" target="_blank" rel="noopener noreffer ">GPG Suite</a></strong> can store your <em>GPG key passphrase</em> in <strong>Mac OS Keychain</strong></li>
<li>Windows users, <strong><a href="https://www.gpg4win.org/" target="_blank" rel="noopener noreffer ">Gpg4win</a></strong></li>
<li>Manually configure <strong><a href="https://linux.die.net/man/1/gpg-agent" target="_blank" rel="noopener noreffer ">gpg-agent</a></strong> to store it</li>
</ul>
</div>
        </div>
    </div>
<h3 id="sign-a-tag">
    <a href="#sign-a-tag" class="header-anchor" aria-label="Link to Sign a tag"></a>Sign a tag</h3>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># sign a tag</span>
</span></span><span class="line"><span class="cl">git tag -s my_tag
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl"><span class="c1"># verify your signed tag</span>
</span></span><span class="line"><span class="cl">git tag -v my_tag
</span></span></code></pre></td></tr></table>
</div>
</div><h3 id="view-commit-signatures">
    <a href="#view-commit-signatures" class="header-anchor" aria-label="Link to View commit signatures"></a>View commit signatures</h3>
<blockquote>
<ul>
<li><a href="https://www.git-scm.com/docs/git-log" target="_blank" rel="noopener noreffer ">git log usage</a></li>
<li><em>git version</em> <strong>2.34.1</strong></li>
</ul>
</blockquote>
<p><code>git log --show-signature</code></p>
<div class="details admonition tip open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-lightbulb fa-fw" aria-hidden="true"></i>Tip<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p>Format the log to show signatures — define your own log view:</p>
</blockquote>
<p><code>git log --color --graph --pretty=format:'%C(cyan)%G?%Creset %Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)&lt;%an&gt;%Creset | [%GK trust:%GT] %C(yellow)%GS%Creset' --abbrev-commit</code></p>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span><span class="lnt">6
</span><span class="lnt">7
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">* G fb56816 - fixed rsync dir <span class="o">(</span><span class="m">2</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>325ACD1FD3B6AA80 trust:ultimate<span class="o">]</span> xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">* G 63d6ec2 - fixed rsync deploy <span class="o">(</span><span class="m">2</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>325ACD1FD3B6AA80 trust:ultimate<span class="o">]</span> xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">* N 1ac5368 - workflow add remote deploy <span class="o">(</span><span class="m">2</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span> trust:undefined<span class="o">]</span>
</span></span><span class="line"><span class="cl">* E 289ae51 - add domain ICP info <span class="o">(</span><span class="m">2</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>EEA29F407613E698 trust:<span class="o">]</span>
</span></span><span class="line"><span class="cl">* E f0e44bd - switch comment store repo:x <span class="o">(</span><span class="m">2</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>EEA29F407613E698 trust:<span class="o">]</span>
</span></span><span class="line"><span class="cl">* E fbd5778 - fixed giscus issue <span class="o">(</span><span class="m">3</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>EEA29F407613E698 trust:<span class="o">]</span>
</span></span><span class="line"><span class="cl">* E 5fa8d41 - replace utterances by giscus <span class="o">(</span><span class="m">3</span> days ago<span class="o">)</span> &lt;xwi88&gt; <span class="p">|</span> <span class="o">[</span>EEA29F407613E698 trust:<span class="o">]</span>
</span></span></code></pre></td></tr></table>
</div>
</div><ul>
<li><strong>G</strong>: for a good (valid) signature</li>
<li>B: for a bad signature</li>
<li>U: for a good signature with unknown validity</li>
<li>X: for a good signature that has expired</li>
<li>Y: for a good signature made by an expired key</li>
<li>R: for a good signature made by a revoked key</li>
<li><strong>E</strong>: if the signature cannot be checked (e.g. missing key)</li>
<li><em>N</em>: for no signature</li>
</ul>
</div>
        </div>
    </div>
<h3 id="local-signature-verification-issues">
    <a href="#local-signature-verification-issues" class="header-anchor" aria-label="Link to Local signature-verification issues"></a><strong>Local signature-verification issues</strong></h3>
<p>When viewing commit signatures via <code>git log --show-signature</code>, you may see:</p>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">commit e39e0920b68648b0751b7f91fffdd07080391945 (HEAD -&gt; main, origin/main, origin/HEAD)
</span></span><span class="line"><span class="cl">gpg: Signature made Thu Mar 10 00:19:37 2022 CST
</span></span><span class="line"><span class="cl">gpg:                using RSA key 7E7F28C4EFFD7721E0133ED490684042688CB9BE
</span></span><span class="line"><span class="cl">gpg: Can&#39;t check signature: No public key
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>You can also verify a specific commit&rsquo;s signature with <code>git verify-commit e39e0920b68648b0751b7f91fffdd07080391945</code></p>
</blockquote>
<p><strong>This happens because your local repo doesn&rsquo;t have the <code>gpg public key</code> used for those <code>commits</code>. Fix it by importing the committer&rsquo;s <code>gpg public keys</code>.</strong></p>
<h3 id="importing-missing-gpg-keys--verifying">
    <a href="#importing-missing-gpg-keys--verifying" class="header-anchor" aria-label="Link to Importing missing gpg keys &amp; verifying"></a>Importing <strong>missing gpg keys</strong> &amp; verifying</h3>
<p>To get full signature verification, we import the missing <strong>public keys</strong>. Suggested import sources:</p>
<ul>
<li><code>https://github.com/&lt;username&gt;.gpg</code> <em>requires you to have uploaded GPG keys to github</em></li>
<li><code>hkps://keyserver.ubuntu.com</code> <em>requires you to have uploaded keys</em></li>
</ul>
<blockquote>
<p>Certify the imported <em>public key</em></p>
</blockquote>
<ul>
<li><code>gpg --list-keys --keyid-format=long</code> find the key you want to certify</li>
<li><code>gpg --lsign-key [GPG key ID]</code> <em>local sign</em></li>
<li><code>gpg --edit-key [GPG key ID]</code> <em>local sign — pick one of this or the above</em></li>
</ul>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><strong>Import the missing public key from github</strong> <code>gpg --keyserver https://github.com/xwi88.gpg --recv-keys 7E7F28C4EFFD7721E0133ED490684042688CB9BE</code></p>
<p><strong>Certify the key</strong> <code>gpg --lsign-key 7E7F28C4EFFD7721E0133ED490684042688CB9BE</code></p>
<p><strong>Check the certified key</strong> <code>gpg --list-keys --keyid-format=long</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">pub   rsa4096/90684042688CB9BE 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      7E7F28C4EFFD7721E0133ED490684042688CB9BE
</span></span><span class="line"><span class="cl">uid                 [  full  ] xwi88 &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>Verify our commit again <code>git verify-commit e39e0920b68648b0751b7f91fffdd07080391945</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">gpg: Signature made Thu Mar 10 00:19:37 2022 CST
</span></span><span class="line"><span class="cl">gpg:                using RSA key 7E7F28C4EFFD7721E0133ED490684042688CB9BE
</span></span><span class="line"><span class="cl">gpg: Good signature from &#34;xwi88 &lt;278810732@qq.com&gt;&#34; [full]
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h2 id="importing-githubs-gpg-public-key">
    <a href="#importing-githubs-gpg-public-key" class="header-anchor" aria-label="Link to Importing Github&amp;rsquo;s GPG public key"></a>Importing Github&rsquo;s GPG public key</h2>
<blockquote>
<p><a href="https://github.com/web-flow.gpg" target="_blank" rel="noopener noreffer ">github public GPG key for web-flow</a></p>
</blockquote>
<ol>
<li><code>curl https://github.com/web-flow.gpg | gpg --import</code> <strong>import github public gpg key</strong></li>
<li><code>gpg --edit-key noreply@github.com trust quit</code> <strong>trust and save, you choose: <code>4</code></strong></li>
<li><code>gpg --lsign-key noreply@github.com</code> <em>sign selected user IDs locally</em></li>
</ol>
<h2 id="gpg-key-update--renewal">
    <a href="#gpg-key-update--renewal" class="header-anchor" aria-label="Link to GPG key update &amp; renewal"></a><strong>GPG key update &amp; renewal</strong></h2>
<p><code>gpg --edit-key [GPG key ID]</code></p>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec   rsa4096 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      CE70FE5A7EB462DDA68EE86913431F2AC47C4AE0
</span></span><span class="line"><span class="cl">uid           [ultimate] tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p><em>This GPG key is regenerated, for demo purposes only</em></p>
</blockquote>
<p><code>gpg --edit-key CE70FE5A7EB462DDA68EE86913431F2AC47C4AE0</code></p>
<blockquote>
<p>Key output:</p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/73758EF02856F877
</span></span><span class="line"><span class="cl">     created: 2022-03-09  expires: 2024-03-08  usage: SC
</span></span><span class="line"><span class="cl">     trust: ultimate      validity: ultimate
</span></span><span class="line"><span class="cl">[ultimate] (1). tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><p>Enter <code>expire</code> to update the expiry</p>
<blockquote>
<p>gpg&gt; <code>expire</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span><span class="lnt">6
</span><span class="lnt">7
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">Changing expiration time for the primary key.
</span></span><span class="line"><span class="cl">Please specify how long the key should be valid.
</span></span><span class="line"><span class="cl">         0 = key does not expire
</span></span><span class="line"><span class="cl">      &lt;n&gt;  = key expires in n days
</span></span><span class="line"><span class="cl">      &lt;n&gt;w = key expires in n weeks
</span></span><span class="line"><span class="cl">      &lt;n&gt;m = key expires in n months
</span></span><span class="line"><span class="cl">      &lt;n&gt;y = key expires in n years
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>Key is valid for? (0) <code>180d</code></p>
</blockquote>
<p>Key expires at Mon Sep  5 21:48:04 2022 CST</p>
<blockquote>
<p>Is this correct? (y/N) <code>y</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/13431F2AC47C4AE0
</span></span><span class="line"><span class="cl">     created: 2022-03-09  expires: 2022-09-05  usage: SC
</span></span><span class="line"><span class="cl">     trust: ultimate      validity: ultimate
</span></span><span class="line"><span class="cl">[ultimate] (1). tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>gpg&gt; <code>trust</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt"> 1
</span><span class="lnt"> 2
</span><span class="lnt"> 3
</span><span class="lnt"> 4
</span><span class="lnt"> 5
</span><span class="lnt"> 6
</span><span class="lnt"> 7
</span><span class="lnt"> 8
</span><span class="lnt"> 9
</span><span class="lnt">10
</span><span class="lnt">11
</span><span class="lnt">12
</span><span class="lnt">13
</span><span class="lnt">14
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/13431F2AC47C4AE0
</span></span><span class="line"><span class="cl">     created: 2022-03-09  expires: 2022-09-05  usage: SC
</span></span><span class="line"><span class="cl">     trust: ultimate      validity: ultimate
</span></span><span class="line"><span class="cl">[ultimate] (1). tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">Please decide how far you trust this user to correctly verify other users&#39; keys
</span></span><span class="line"><span class="cl">(by looking at passports, checking fingerprints from different sources, etc.)
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">  1 = I don&#39;t know or won&#39;t say
</span></span><span class="line"><span class="cl">  2 = I do NOT trust
</span></span><span class="line"><span class="cl">  3 = I trust marginally
</span></span><span class="line"><span class="cl">  4 = I trust fully
</span></span><span class="line"><span class="cl">  5 = I trust ultimately
</span></span><span class="line"><span class="cl">  m = back to the main menu
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>Your decision? <code>5</code></p>
<p>Do you really want to set this key to ultimate trust? (y/N) <code>y</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/13431F2AC47C4AE0
</span></span><span class="line"><span class="cl">     created: 2022-03-09  expires: 2022-09-05  usage: SC
</span></span><span class="line"><span class="cl">     trust: ultimate      validity: ultimate
</span></span><span class="line"><span class="cl">[ultimate] (1). tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>gpg&gt; <code>save</code></p>
<p><code>gpg --list-secret-keys --keyid-format=long</code> verify the expiry updated</p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span><span class="lnt">4
</span><span class="lnt">5
</span><span class="lnt">6
</span><span class="lnt">7
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec   rsa4096/90684042688CB9BE 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      7E7F28C4EFFD7721E0133ED490684042688CB9BE
</span></span><span class="line"><span class="cl">uid                 [ultimate] xwi88 &lt;278810732@qq.com&gt;
</span></span><span class="line"><span class="cl">
</span></span><span class="line"><span class="cl">sec   rsa4096/13431F2AC47C4AE0 2022-03-09 [SC] [expires: 2022-09-05]
</span></span><span class="line"><span class="cl">      CE70FE5A7EB462DDA68EE86913431F2AC47C4AE0
</span></span><span class="line"><span class="cl">uid                 [ultimate] tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h2 id="rebinding-the-gpg-sign-key">
    <a href="#rebinding-the-gpg-sign-key" class="header-anchor" aria-label="Link to Rebinding the GPG sign key"></a>Rebinding the GPG sign key</h2>
<blockquote>
<p><strong>Don&rsquo;t change this unless you need to.</strong></p>
</blockquote>
<div class="details admonition warning open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-exclamation-triangle fa-fw" aria-hidden="true"></i>Warning<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<ul>
<li>
<p><strong>Don&rsquo;t update the following unless needed</strong></p>
</li>
<li>
<p>For a <em>single project</em>, you may replace <del>&ndash;global</del> with <strong>local</strong></p>
</li>
</ul>
</blockquote>
<ul>
<li><code>git config --global commit.gpgSign true</code></li>
<li><code>git config --global user.signingKey 13431F2AC47C4AE0</code></li>
</ul>
<p>If anything changes, sync the <strong>GPG key</strong> in your <strong>git</strong> repo too.</p>
</div>
        </div>
    </div>
<h2 id="deleting-gpg-keys">
    <a href="#deleting-gpg-keys" class="header-anchor" aria-label="Link to Deleting GPG keys"></a><em>Deleting GPG keys</em></h2>
<ul>
<li><code>gpg --delete-secret-key [uid]</code></li>
<li><code>gpg --delete-secret-key [uid1] [uid2]</code></li>
</ul>
<div class="details admonition warning open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-exclamation-triangle fa-fw" aria-hidden="true"></i>Warning<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><p><strong>Don&rsquo;t delete unless necessary</strong> — if it&rsquo;s just expiry, do a <strong>renewal</strong> instead.</p>
<p><em>uid for tmp_gpg</em> may be any of the following; prefer the <em>GPG key ID</em>:</p>
<ul>
<li><em>tmp_gpg</em></li>
<li><strong>13431F2AC47C4AE0</strong></li>
<li><em>CE70FE5A7EB462DDA68EE86913431F2AC47C4AE0</em></li>
</ul>
</div>
        </div>
    </div>
<div class="details admonition example open">
        <div class="details-summary admonition-title">
            <i class="icon fas fa-list-ol fa-fw" aria-hidden="true"></i>Example<i class="details-icon fas fa-angle-right fa-fw" aria-hidden="true"></i>
        </div>
        <div class="details-content">
            <div class="admonition-content"><blockquote>
<p><code>gpg --delete-secret-key 13431F2AC47C4AE0</code></p>
</blockquote>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec  rsa4096/13431F2AC47C4AE0 2022-03-09 tmp<span class="nb">_</span>gpg<span class="nb">_</span>local &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div><blockquote>
<p>Delete this key from the keyring? (y/N) <code>y</code></p>
<p>This is a secret key! - really delete? (y/N) <code>y</code></p>
</blockquote>
<p>Verify deletion: <code>gpg --list-secret-keys</code></p>
<div class="highlight"><div class="chroma">
<table class="lntable"><tr><td class="lntd">
<pre tabindex="0" class="chroma"><code><span class="lnt">1
</span><span class="lnt">2
</span><span class="lnt">3
</span></code></pre></td>
<td class="lntd">
<pre tabindex="0" class="chroma"><code class="language-tex" data-lang="tex"><span class="line"><span class="cl">sec   rsa4096 2022-03-09 [SC] [expires: 2024-03-08]
</span></span><span class="line"><span class="cl">      7E7F28C4EFFD7721E0133ED490684042688CB9BE
</span></span><span class="line"><span class="cl">uid           [ultimate] xwi88 &lt;278810732@qq.com&gt;
</span></span></code></pre></td></tr></table>
</div>
</div></div>
        </div>
    </div>
<h2 id="references">
    <a href="#references" class="header-anchor" aria-label="Link to References"></a>References</h2>
<ul>
<li><a href="https://docs.github.com/en/authentication/managing-commit-signature-verification" target="_blank" rel="noopener noreffer ">managing-commit-signature-verification</a></li>
<li><a href="https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#smime-commit-signature-verification" target="_blank" rel="noopener noreffer ">S/MIME commit signature verification</a></li>
<li><a href="https://www.hifis.net/tutorial/2020/04/15/smime-signing-git-commits.html" target="_blank" rel="noopener noreffer ">smime-signing-git-commits</a></li>
</ul>]]></description></item></channel></rss>