将 Github 上的提交标记为 Verified

## 一、生成 GPG 密钥

Github 在提交命令时并不会去验证邮箱的正确性， 也就是可以邮箱是可以伪造的 ，为了避免这种情况的出现，可以使用 Verified( 认证)。

1. 打开 Git Bash
2. 生成一个密钥（可在 Linux 控制台,Windows 下有 Cygwin64 等）
3. 使用命令开始创建GPG 密钥

* 使用命令：`gpg --full-generate-key`
* 提示：Please select what kind of key you want `默认即可，回车`
* 提示：Please select which elliptic curve you want `默认即可，回车`
* 提示：Please specify how long the key should be valid. `默认即可，回车`
* 提示：Is this correct? (y/N) `输入 "y" 然后回车`
* 提示：Real name `输入提交时显示的 用户名 看个人喜好`
* 提示：Email address `输入在Github使用的主邮箱`
* 提示：Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? `输入 "o" 然后回车`

```bash
$ gpg --full-generate-key
gpg (GnuPG) 2.4.5-unknown; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (14) Existing key from card
Your selection?
Please select which elliptic curve you want:
   (1) Curve 25519 *default*
   (4) NIST P-384
   (6) Brainpool P-256
Your selection?
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: test_name
Email address: test@test.cn
Comment:
You selected this USER-ID:
    "test_name <test@test.cn>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: revocation certificate stored as '/c/Users/nuoxian/.gnupg/openpgp-revocs.d/EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF.rev'
public and secret key created and signed.

pub   ed25519 2025-02-18 [SC]
      EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF
uid                      test_name <test@test.cn>
sub   cv25519 2025-02-18 [E
```

#### 列出所有 GPG 密钥 ID

列出所有 GPG 密钥 ID：`gpg --list-secret-keys --keyid-format LONG`

```bash
$ gpg --list-secret-keys --keyid-format LONG
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   3  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 3u
[keyboxd]
---------
sec   ed25519/B8FD1BC2A31580CF 2025-02-18 [SC] # 这里B8FD1BC2A31580CF是KeyID
      EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF
uid                 [ultimate] test_name <test@test.cn>
ssb   cv25519/2E5816E2C83C3FBA 2025-02-18 [E]
```

#### 导出公钥

```bash
# 方法1控制台输出密钥
gpg --armor --export B8FD1BC2A31580CF
# 方法2导出密钥
gpg -a -o key.txt --export B8FD1BC2A31580CF
```

#### 删除私钥

列出所有 GPG 私钥：`gpg --list-secret-keys`

```
$ gpg --list-secret-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
[keyboxd]
---------
sec   ed25519 2025-02-11 [SC]
      XXXXXXXXXXXXXXXXXXXXXX
uid           [ultimate] nuoxi4n <nuo_xian@qq.com>
ssb   cv25519 2025-02-11 [E]
```

执行删除私钥，然后输入 "y" 确认输入密码即可删除 `gpg --delete-secret-keys XXXXXXXXXXXXXXXXXXXXXX（私钥ID）`

#### 删除公钥

列出所有 GPG 公钥：`gpg --list-keys`

```bash
$ gpg --list-keys
[keyboxd]
---------
pub   ed25519 2025-02-11 [SC]
      XXXXXXXXXXXXXXXXXXXXXX
uid           [ultimate] nuoxi4n <nuo_xian@qq.com>
sub   cv25519 2025-02-11 [E]
```

执行删除公钥，然后输入 "y" 确认即可删除 `gpg --delete-keys XXXXXXXXXXXXXXXXXXXXXX（公钥ID）`

[scode type="yellow" size=""]需先删除私钥才能删除公钥！[/scode]

## 将 GPG 密钥导入 Github

Github ——> Setting ——> SSH and GPG keys ——> New GPG key

点击一键访问 [Add new GPG key](https://github.com/settings/gpg/new)

将导出的公钥导入到Github中

```bash
$ gpg --armor --export B8FD1BC2A31580CF
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZ7Q3fhYJKwYBBAHaRw8BAQdAkWyoRCmsZ8D7GrfTm3O6/ch9YKNhvAE9QIJY
[省略这一部分]
gM8EcAD/e8posD63i4kUGYY1EVWtNw4FbkSoOfCzWpTyNZWfR0oA+wWi2BVTJJCK
=aj2h
-----END PGP PUBLIC KEY BLOCK-----
```

AI摘要

本文介绍了如何在Github上生成和使用GPG密钥来验证提交。首先，通过Git Bash生成GPG密钥，包括选择密钥类型、曲线、有效期等，并设置用户名和邮箱。然后，列出所有GPG密钥ID，导出公钥，并在Github的设置中添加GPG密钥。最后，介绍了如何删除GPG的私钥和公钥。

一、生成 GPG 密钥

Github 在提交命令时并不会去验证邮箱的正确性，也就是可以邮箱是可以伪造的，为了避免这种情况的出现，可以使用 Verified( 认证)。

打开 Git Bash
生成一个密钥（可在 Linux 控制台,Windows 下有 Cygwin64 等）
使用命令开始创建GPG 密钥

使用命令：gpg --full-generate-key
提示：Please select what kind of key you want 默认即可，回车
提示：Please select which elliptic curve you want 默认即可，回车
提示：Please specify how long the key should be valid. 默认即可，回车
提示：Is this correct? (y/N) 输入 "y" 然后回车
提示：Real name 输入提交时显示的用户名看个人喜好
提示：Email address 输入在Github使用的主邮箱
提示：Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? 输入 "o" 然后回车

$ gpg --full-generate-key
gpg (GnuPG) 2.4.5-unknown; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (14) Existing key from card
Your selection?
Please select which elliptic curve you want:
   (1) Curve 25519 *default*
   (4) NIST P-384
   (6) Brainpool P-256
Your selection?
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: test_name
Email address: test@test.cn
Comment:
You selected this USER-ID:
    "test_name <test@test.cn>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: revocation certificate stored as '/c/Users/nuoxian/.gnupg/openpgp-revocs.d/EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF.rev'
public and secret key created and signed.

pub   ed25519 2025-02-18 [SC]
      EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF
uid                      test_name <test@test.cn>
sub   cv25519 2025-02-18 [E

列出所有 GPG 密钥 ID

列出所有 GPG 密钥 ID：gpg --list-secret-keys --keyid-format LONG

$ gpg --list-secret-keys --keyid-format LONG
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   3  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 3u
[keyboxd]
---------
sec   ed25519/B8FD1BC2A31580CF 2025-02-18 [SC] # 这里B8FD1BC2A31580CF是KeyID
      EBA06C49B8EBB78E7FF912DAB8FD1BC2A31580CF
uid                 [ultimate] test_name <test@test.cn>
ssb   cv25519/2E5816E2C83C3FBA 2025-02-18 [E]

导出公钥

# 方法1控制台输出密钥
gpg --armor --export B8FD1BC2A31580CF
# 方法2导出密钥
gpg -a -o key.txt --export B8FD1BC2A31580CF

删除私钥

列出所有 GPG 私钥：gpg --list-secret-keys

$ gpg --list-secret-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
[keyboxd]
---------
sec   ed25519 2025-02-11 [SC]
      XXXXXXXXXXXXXXXXXXXXXX
uid           [ultimate] nuoxi4n <nuo_xian@qq.com>
ssb   cv25519 2025-02-11 [E]

执行删除私钥，然后输入 "y" 确认输入密码即可删除 gpg --delete-secret-keys XXXXXXXXXXXXXXXXXXXXXX（私钥ID）

删除公钥

列出所有 GPG 公钥：gpg --list-keys

$ gpg --list-keys
[keyboxd]
---------
pub   ed25519 2025-02-11 [SC]
      XXXXXXXXXXXXXXXXXXXXXX
uid           [ultimate] nuoxi4n <nuo_xian@qq.com>
sub   cv25519 2025-02-11 [E]

执行删除公钥，然后输入 "y" 确认即可删除 gpg --delete-keys XXXXXXXXXXXXXXXXXXXXXX（公钥ID）

需先删除私钥才能删除公钥！

将 GPG 密钥导入 Github

Github ——> Setting ——> SSH and GPG keys ——> New GPG key

点击一键访问 Add new GPG key

将导出的公钥导入到Github中

$ gpg --armor --export B8FD1BC2A31580CF
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZ7Q3fhYJKwYBBAHaRw8BAQdAkWyoRCmsZ8D7GrfTm3O6/ch9YKNhvAE9QIJY
[省略这一部分]
gM8EcAD/e8posD63i4kUGYY1EVWtNw4FbkSoOfCzWpTyNZWfR0oA+wWi2BVTJJCK
=aj2h
-----END PGP PUBLIC KEY BLOCK-----

最后修改：2025 年 09 月 26 日

如果觉得我的文章对你有用，请随意赞赏

将 Github 上的提交标记为 Verified

一、生成 GPG 密钥

列出所有 GPG 密钥 ID

导出公钥

删除私钥

删除公钥

将 GPG 密钥导入 Github

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

1 条评论

原神启动器 - 帮助您快速开始一段游戏旅程！

为你的Handsome主题添加B站小黄脸表情包

FFmpeg的安装使用，以及m3u8切片方法

CSGO创建战队教程，创建战队的详细步骤来了！

为你的电脑添加初音未来鼠标指针

将 Github 上的提交标记为 Verified

原神启动器的缓存机制说明

Typecho修改永久链接后旧链接301跳转

谨以此文，诉说我与学校

为你的Handsome主题添加B站小黄脸表情包

将 Github 上的提交标记为 Verified

一、生成 GPG 密钥

列出所有 GPG 密钥 ID

导出公钥

删除私钥

删除公钥

将 GPG 密钥导入 Github

发表评论 取消回复 使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款

1 条评论

将 Github 上的提交标记为 Verified

发表评论取消回复
使用cookie技术保留您的个人信息以便您下次快速评论，继续评论表示您已同意该条款