Verifying Digital Signatures with GitHub


This is something I tend to forget once in a while.  Today I was reminded of this fact by an email from a key Dogecoin contributor Ross Nichol

A while back I wrote an article on #askageek on how you can send secure/secret message to your friends and family members using 'GPG'. These steps include how you can then submit a copy of your public key to a key server so that other people can verify and decrypt your messages.

Well today I learned, that you can also put a copy of your public key on GitHub, and use it as another method of verifying users. What is interesting about this, is that I have had my GPG key in GitHub for a while as a method of digitally signing my code. You can find a great step by step tutorial (with video) on how to do this over at dev.to

What I did not realize, however, is that you can also view the public keys of GitHub users simply by adding the text ".gpg" to the user profile name:

For example by GitHub Profile is https://github.com/geekwisdom. Simpy add '.gpg' to the address (ie: https://github.com/geekwisdom.gpg), and you will be taken to a copy of the public key which you can then easily import into your favorite GPG software program.

It's as simple as that! - Who knew?


If you liked this post please consider sharing via your favorite social networks!!

and ..if you like my blogging, video, audio, and programming - please consider becoming a patron and get exclusive access @ Patreon.com/GeekWisdom

Comments

Popular posts from this blog

There's a bug in the keyboard driver...(dear liza)

Password Security Challenge - Last Pass & 1Password

What is Multi Factor Authentication (MFA / 2FA)?? and Why does it matter??

About the Book - Geek Wisdom

The Programmer's Dilemma

Despite of how it looks - I'm not part of a coup d'etat

Brad's Weekend of Coding - Day 1 - Summary

The Most Dangerous Software on the Internet!

Eco Cycle Planning Resources, Toastmasters & Unicorns

IT Security Myths & Legends