To sign commits associated with your account on GitHub Enterprise Cloud, you can add a public GPG key to your personal account. Before you add a key, you should check for existing keys. If you don't find any existing keys, you can generate and copy a new key. For more information, see "Checking for existing GPG keys" and "Generating a new GPG key."
You can add multiple public keys to your account on GitHub Enterprise Cloud. Commits signed by any of the corresponding private keys will show as verified. If you remove a public key, any commits signed by the corresponding private key will no longer show as verified.
To verify as many of your commits as possible, you can add expired and revoked keys. If the key meets all other verification requirements, commits that were previously signed by any of the corresponding private keys will show as verified and indicate that their signing key is expired or revoked.
GitHub Enterprise Cloud suporta vários algoritmos de chave GPG. Se você tentar adicionar uma chave gerada com um algoritmo não suportado, você pode encontrar um erro.
When verifying a signature, GitHub Enterprise Cloud extracts the signature and attempts to parse its key ID. The key ID is then matched with keys added to GitHub Enterprise Cloud. Until a matching GPG key is added to GitHub Enterprise Cloud, it cannot verify your signatures.
No canto superior direito de qualquer página, clique na foto do seu perfil e em Configurações.
In the "Access" section of the sidebar, click SSH and GPG keys.
Click New GPG key.
In the "Key" field, paste the GPG key you copied when you generated your GPG key.
Click Add GPG key.
To confirm the action, enter your GitHub Enterprise Cloud password.