You can sign your work locally using GPG or S/MIME. GitHub will verify these signatures so other people will know that your commits come from a trusted source. GitHub will automatically sign commits you make using the GitHub web interface.
<rm>@<rm> MINGW64 ~ $ gpg --list-secret-keys --keyid-format LONG gpg: keybox '/c/Users/<rm>/.gnupg/pubring.kbx' created gpg: /c/Users/<rm>/.gnupg/trustdb.gpg: trustdb created
<rm>@<rm> MINGW64 ~ $ gpg --list-secret-keys --keyid-format LONG
<rm>@<rm> MINGW64 ~ $ gpg --list-key
<rm>@<rm> MINGW64 ~ $ gpg --full-generate-key gpg (GnuPG) 2.2.16-unknown; Copyright (C) 2019 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 1y Key expires at Fri, May 21, 2021 4:03:37 PM CST Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: yuangezhizao-workaccount Email address: [email protected] Comment: You selected this USER-ID: "yuangezhizao-workaccount <[email protected]>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: key 7C5AD4EFEBE22E2C marked as ultimately trusted gpg: directory '/c/Users/<rm>/.gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as '/c/Users/<rm>/.gnupg/openpgp-revocs.d/529AB9F612C9EA2303836DCE7C5AD4EFEBE22E2C.rev' public and secret key created and signed.