Home Explore Blog CI



git
1st chunk of `Documentation/config/gpg.adoc`
7e3a0bfbb8c242bcc510135d995543c2357374dd237f0644000000010000081f
gpg.program::
	Use this custom program instead of "`gpg`" found on `$PATH` when
	making or verifying a PGP signature. The program must support the
	same command-line interface as GPG, namely, to verify a detached
	signature, "`gpg --verify $signature - <$file`" is run, and the
	program is expected to signal a good signature by exiting with
	code 0.  To generate an ASCII-armored detached signature, the
	standard input of "`gpg -bsau $key`" is fed with the contents to be
	signed, and the program is expected to send the result to its
	standard output.

gpg.format::
	Specifies which key format to use when signing with `--gpg-sign`.
	Default is "openpgp". Other possible values are "x509", "ssh".
+
See linkgit:gitformat-signature[5] for the signature format, which differs
based on the selected `gpg.format`.

gpg.<format>.program::
	Use this to customize the program used for the signing format you
	chose. (see `gpg.program` and `gpg.format`) `gpg.program` can still
	be used as a legacy synonym for `gpg.openpgp.program`. The default
	value for `gpg.x509.program` is "gpgsm" and `gpg.ssh.program` is "ssh-keygen".

gpg.minTrustLevel::
	Specifies a minimum trust level for signature verification.  If
	this option is unset, then signature verification for merge
	operations requires a key with at least `marginal` trust.  Other
	operations that perform signature verification require a key
	with at least `undefined` trust.  Setting this option overrides
	the required trust-level for all operations.  Supported values,
	in increasing order of significance:
+
* `undefined`
* `never`
* `marginal`
* `fully`
* `ultimate`

gpg.ssh.defaultKeyCommand::
	This command will be run when user.signingkey is not set and a ssh
	signature is requested. On successful exit a valid ssh public key
	prefixed with `key::` is expected in the first line of its output.
	This allows for a script doing a dynamic lookup of the correct public
	key when it is impractical to statically configure `user.signingKey`.
	For example when keys or SSH Certificates are rotated frequently or
	selection
Title: Git GPG Configuration Options
Summary
This section describes various Git configuration options related to GPG, including custom programs, key formats, trust levels, and default key commands for signing and verification, allowing users to customize their Git setup for secure signing and verification of commits and tags.