Skip to content

Instantly share code, notes, and snippets.

@CypherpunkSamurai

CypherpunkSamurai/GIT_SSH_SIGNING_SKILL.md

Last active March 11, 2026 15:09
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save CypherpunkSamurai/994fda6464d5dc72f71fc76c991c39b3 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save CypherpunkSamurai/994fda6464d5dc72f71fc76c991c39b3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
GIT_SSH_SIGNING_SKILL.md

Git SSH Signing - Reset / Disable Commands

1. Unset / Disable SSH Signing (Cross-Platform)

Windows (PowerShell)

# Remove all SSH signing configuration
git config --global --unset gpg.ssh.program
git config --global --unset gpg.format
git config --global --unset user.signingkey
git config --global --unset gpg.ssh.allowedSignersFile
git config --global --unset commit.gpgsign

# Verify signing is disabled
git config --global --get commit.gpgsign  # Should return nothing

Linux / macOS (Bash)

# Remove all SSH signing configuration
git config --global --unset gpg.ssh.program
git config --global --unset gpg.format
git config --global --unset user.signingkey
git config --global --unset gpg.ssh.allowedSignersFile
git config --global --unset commit.gpgsign

# Verify signing is disabled
git config --global --get commit.gpgsign  # Should return nothing

Universal One-Liner (All Platforms)

git config --global --unset gpg.ssh.program 2>/dev/null; git config --global --unset gpg.format 2>/dev/null; git config --global --unset user.signingkey 2>/dev/null; git config --global --unset gpg.ssh.allowedSignersFile 2>/dev/null; git config --global --unset commit.gpgsign 2>/dev/null

2. Reset / Re-apply SSH Signing (Cross-Platform)

Windows (PowerShell)

# Clear existing config
git config --global --unset gpg.ssh.program 2>$null
git config --global --unset gpg.format 2>$null
git config --global --unset user.signingkey 2>$null
git config --global --unset gpg.ssh.allowedSignersFile 2>$null
git config --global --unset commit.gpgsign 2>$null

# Set up fresh SSH signing
git config --global gpg.format ssh
git config --global user.signingkey "~/.ssh/id_ed25519.pub"
git config --global commit.gpgsign true

# Create allowed_signers file
$email = git config --global user.email
$key = Get-Content ~/.ssh/id_ed25519.pub
"$email $key" | Out-File -FilePath ~/.ssh/allowed_signers -Encoding utf8
git config --global gpg.ssh.allowedSignersFile "~/.ssh/allowed_signers"

Linux / macOS (Bash)

# Clear existing config
git config --global --unset gpg.ssh.program 2>/dev/null
git config --global --unset gpg.format 2>/dev/null
git config --global --unset user.signingkey 2>/dev/null
git config --global --unset gpg.ssh.allowedSignersFile 2>/dev/null
git config --global --unset commit.gpgsign 2>/dev/null

# Set up fresh SSH signing
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/id_ed25519.pub
git config --global commit.gpgsign true

# Create allowed_signers file
email=$(git config --global user.email)
key=$(cat ~/.ssh/id_ed25519.pub)
echo "$email $key" > ~/.ssh/allowed_signers
git config --global gpg.ssh.allowedSignersFile ~/.ssh/allowed_signers

3. Verify Configuration

Check Current Signing Status

# Check if signing is enabled
git config --global --get commit.gpgsign

# Check signing format
git config --global --get gpg.format

# Check signing key
git config --global --get user.signingkey

# View recent commits with signature status
git log --show-signature -5

Expected Output When Disabled

# git config --global --get commit.gpgsign
# (empty - nothing returned)

# git log --show-signature
# No signature badges shown

Expected Output When Enabled

# git config --global --get commit.gpgsign
true

# git config --global --get gpg.format
ssh

# git log --show-signature
# Shows "Good signature" or "Bad signature" badges
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment