You may already be signing your Git commits with a GPG key, but as of today you can instead choose to sign with your SSH key! Signing in SSH is a relatively new feature that lets you use your private SSH key to sign arbitrary text and others to verify that signature with your public key.
The need to keep your personal information, sensitive or nonsensitive, secure from prying eyes isn’t new, but recent events have brought it back into the public eye.
In this workshop, we’ll build and upload public keys, explore Git commit signing, and learn to sign others’ PGP keys. If we have time, we’ll exchange key fingerprints and show IDs, then discuss signing and verifying gems.
You’ll need a photo ID and your own computer for this workshop.
Learn not only how to use PGP, but why each step is important and how to make decisions when interacting with PGP.