Files

Roman Zeyde d9cb75e95d gpg: use which gpg2 for 'gpg.program' git configuration

This enables git-cola support TREZOR-based commit signatues,
together with "cola.signcommits=true" setting.

2016-10-29 22:28:57 +03:00

1.4 KiB

Raw Blame History

Note: the GPG-related code is still under development, so please try the current implementation and feel free to report any issue you have encountered. Thanks!

Installation

First, verify that you have GPG 2.1+ installed:

$ gpg2 --version | head -n1
gpg (GnuPG) 2.1.15

Update you TREZOR firmware to the latest version (at least v1.4.0).

Install latest trezor-agent package from GitHub:

$ pip install --user git+https://github.com/romanz/trezor-agent.git

Quickstart

Identity creation

Sample usage (signature and decryption)

Git commit & tag signatures:

Git can use GPG to sign and verify commits and tags (see here):

$ git config --local gpg.program $(which gpg2)
$ git commit --gpg-sign                      # create GPG-signed commit
$ git log --show-signature -1                # verify commit signature
$ git tag --sign "v1.2.3"                    # create GPG-signed tag
$ git verify-tag "v1.2.3"                    # verify tag signature