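This version of GitHub Enterprise was discontinued on 2022-10-12. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.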

Adding a GPG key to your GitHub account

To configure your account on your GitHub Enterprise Server instance to use your new (or existing) GPG key, you'll also need to add the key to your account.

About addition of GPG keys to your account

To sign commits associated with your account on GitHub Enterprise Server, you can add a public GPG key to your personal account. Before you add a key, you should check for existing keys. If you don't find any existing keys, you can generate and copy a new key. For more information, see "Checking for existing GPG keys" and "Generating a new GPG key."

You can add multiple public keys to your account on GitHub Enterprise Server. Commits signed by any of the corresponding private keys will show as verified. If you remove a public key, any commits signed by the corresponding private key will no longer show as verified.

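Supported GPG key algorithms

GitHub Enterprise Server supports several GPG key algorithms. If you try to add a key generated with an unsupported algorithm, you may encounter an error.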

  • RSA
  • ElGamal
  • DSA
  • ECDH
  • ECDSA
  • EdDSA

When verifying a signature, GitHub Enterprise Server extracts the signature and attempts to parse its key ID. The key ID is then matched with keys added to GitHub Enterprise Server. Until a matching GPG key is added to GitHub Enterprise Server, it cannot verify your signatures.
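The key ID lookup described above, sketched as an added example (this is not GitHub's implementation and not code from this page). It assumes an old-format packet header and a version 4 signature; the function names, the `REGISTERED` table and the sample signature are hypothetical and constructed for illustration.

```python
import base64

ISSUER = 16  # RFC 4880 signature subpacket type 16: 8-byte issuer key ID

def dearmor(text):
    """Return the binary packet inside an ASCII-armored signature block."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    body = lines[lines.index("") + 1:]        # armor headers end at the blank line
    return base64.b64decode("".join(ln for ln in body if not ln.startswith(("=", "-----"))))

def subpackets(area):
    """Yield (type, data) for every subpacket in a hashed or unhashed area."""
    i = 0
    while i < len(area):
        n, i = area[i], i + 1
        if 192 <= n < 255:                    # two-octet length
            n, i = ((n - 192) << 8) + area[i] + 192, i + 1
        elif n == 255:                        # five-octet length
            n, i = int.from_bytes(area[i:i + 4], "big"), i + 4
        yield area[i] & 0x7F, area[i + 1:i + n]   # top bit is the "critical" flag
        i += n

def issuer_key_id(packet):
    """Return the issuer key ID (hex) of a v4 signature packet, or None."""
    tag = packet[0]
    if tag & 0x40 or (tag >> 2) & 0x0F != 2 or tag & 3 == 3:
        raise ValueError("expected an old-format signature packet (tag 2)")
    body = packet[1 + (1, 2, 4)[tag & 3]:]    # skip the tag and length octets
    if body[0] != 4:
        raise ValueError("only version 4 signatures are handled here")
    hlen = int.from_bytes(body[4:6], "big")   # hashed subpacket area length
    ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
    areas = body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen]
    for area in areas:
        for kind, data in subpackets(area):
            if kind == ISSUER and len(data) == 8:
                return data.hex().upper()
    return None

def find_registered_key(armored_sig, registered):
    """Map the signature's key ID to a registered key; None means no match yet."""
    return registered.get(issuer_key_id(dearmor(armored_sig)))

# Constructed sample, not a real signature: dummy MPI, issuer key ID A1B2C3D4E5F60718.
SAMPLE_PACKET = bytes.fromhex("881d04000108" "0006050263460a00" "000a0910a1b2c3d4e5f60718" "abcd0008ff")
SAMPLE_SIG = ("-----BEGIN PGP SIGNATURE-----\n\n" + base64.b64encode(SAMPLE_PACKET).decode()
              + "\n-----END PGP SIGNATURE-----")
REGISTERED = {"A1B2C3D4E5F60718": "octocat signing key (hypothetical)"}
```

The key ID only selects which registered key to check against; the match itself proves nothing until the signature verifies cryptographically under that key. The issuer subpacket typically sits in the unhashed area, so it is not covered by the signature and should be treated as a lookup hint.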

Adding a GPG key

  1. In the upper-right corner of any page, click your profile photo, then click Settings.

  2. In the user settings sidebar, click SSH and GPG keys.

  3. Click New GPG key.

  4. In the "Key" field, paste the GPG key you copied when you generated your GPG key.

  5. Click Add GPG key.

  6. To confirm the action, enter your GitHub Enterprise Server password.

Updating an expired GPG key

When verifying a signature, GitHub Enterprise Server checks that the key is not revoked or expired. If your signing key is revoked or expired, GitHub Enterprise Server cannot verify your signatures.

If your key is expired, you must update its expiration, export the new key, delete the expired key in your account on GitHub Enterprise Server, and add the new key to your account as described above. Your previous commits and tags will show as verified, as long as the key meets all other verification requirements.

If your key is revoked, use the primary key or another key that is not revoked to sign your commits.

If your key is invalid and you don't use another valid key in your key set, but instead generate a new GPG key with a new set of credentials, then your commits made with the revoked or expired key will continue to show as unverified. Also, your new credentials will not be able to re-sign or verify your old commits and tags.

Further reading