How to Create an SSH Signing Key
To sign a digital succession, you need an SSH signing key. To do this, Hidos requires the following:
- Git version 2.34 or newer
- OpenSSH 8.8 or newer
Creating an SSH Signing Key
You will need to create an SSH key (unless you already have one for signing).
ssh-keygen -t ed25519 -C "me@example.com" -N "" -f my_signing_key
This command will generate two files:
my_signing_key- the private key filemy_signing_key.pub- the public key file
You can store the public key file my_signing_key.pub anywhere,
even in a public location.
However, make sure to keep your private key file safe.
Anyone with access to this signing key can amend new editions to your digital succession.
A common location to store SSH key files is the local directory ~/.ssh/,
where other SSH keys are often kept.
Configuring Git to Use Your New SSH Signing Key
First, configure Git to use SSH keys for signing instead of GPG keys:
git config --global gpg.format ssh
Next, let Git know the location of your private SSH signing key. For example:
git config --global user.signingkey ~/.ssh/my_signing_key
With these configurations in place, you can now use hidos without the --unsigned option.
Keep the my_signing_key.pub file handy, as you will need it to create a signed succession.