This repository includes the path to become a committer with any kind of git oriented workflow to push commits to any kind of forge.
https://labs.masscollabs.xyz/blog/2023/12/22/hacker-how-to/
by-sa.markdown | ||
README.md | ||
README.md~ |
A Guide for Hackers who wants to become a committer
This repository includes the path to become a committer with any kind of git oriented workflow to push commits to any kind of forge.
Setting SSH Keys
Please read :
- https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
- https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
Configuring GPG Key
-
After generating GPG Key please run :
gpg --list-secret-keys --keyid-format=long
- Then run this command but replace
3AA5C34371567BD2
with your GPG Key ID:
gpg --output secret.key --export-secret-keys 3AA5C34371567BD2
- Then run this command for Revocation Certificate but replace
3AA5C34371567BD2
with your GPG Key ID:
gpg --output revoke.asc --gen-revoke 3AA5C34371567BD2
- Then export your public key with this command but replace
3AA5C34371567BD2
with your GPG Key ID :
gpg --armor --export 3AA5C34371567BD2 > 3AA5C34371567BD2.asc
-
publish to PGP Global Directory , import key , trust and sign with Thunderbird Email Client or any other client
-
After this backup your secret.key and revoke.asc to an external disk and keep it safe.
-
Then open your public key with a text editor and copy all text and add your Public Key to GitHub like told here : https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account
For signing Commits with your GPG Key
Please read this :
- https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits
- https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key
Conclusion
- We have generated SSH Key and added our public SSH Key to our GitHub account.
- We have generated GPG Key, exported secret key, exported revocation certificate, published our public key to a server in this example PGP Global Directory and then we moved our secret.key and revoke.asc to an external disk. Then we added our GPG key to GitHub account.
- For signing commit we configured our git account.
happy hacking!...