Managing SSH and GPG Public Keys

On GitCode, you can use SSH (Secure Shell Protocol) and GPG (GNU Privacy Guard) public keys to ensure the security and convenience of code hosting and commits. This article will guide you through understanding and setting up these two types of public keys.

• SSH: SSH is a secure remote login protocol. By adding an SSH public key, you can push and pull code without entering your username and password each time.
• GPG: GPG is an encryption tool that can be used to verify the authenticity of commits. After adding a GPG public key, you can sign your commits to ensure they are from you.

提示

1. Public and private keys are used in pairs; please keep your private key safe and avoid leaking it.
2. The GPG public key must be associated with the email address verified on GitCode.

Generating and Adding SSH Keys

---

Generating SSH Keys

1. Open the terminal (Windows users can use Git Bash).

2. Enter the following command, replacing [your_email@example.com](mailto:your_email@example.com) with your email:

   ssh-keygen -t ed25519 -C "your_email@example.com"

3. When prompted, press Enter to accept the default file location.

4. Enter a secure passphrase (optional but recommended).

5. The key pair will be generated at the following locations:

   • Private key: ~/.ssh/id_ed25519.
   • Public key: ~/.ssh/id_ed25519.pub.

   

Adding SSH Public Key to GitCode

1. Copy the content of the SSH public key:

   cat ~/.ssh/id_ed25519.pub

2. Log in to GitCode, go to "Personal Settings" -> "Security Settings" -> "SSH Public Key".

3. Click “+ SSH Public Key”.

4. In the “Key Name” field, provide a descriptive name for the public key.

5. Paste the copied public key content into the “Key” text box.

6. Click “Create” to complete the operation.

   

Testing SSH Connection

ssh -T git@gitcode.com

Generating and Adding GPG Keys

---

Generating GPG Keys

1. Install the GPG tool if it is not already installed.

2. Generate a GPG key pair:

   gpg --full-generate-key

3. Choose the key type (recommended: RSA and RSA).

4. Set the key length to 4096 bits.

5. Set the key expiration date.

6. Enter your personal information:

   • Real name.
   • Email address (must be the one verified on GitCode).
   • Comment (optional).

7. Set a passphrase.

   

Exporting GPG Public Key

1. View the list of keys. If there are multiple keys, find the one you need based on the uid (user information).

   gpg --armor --export YOUR_KEY_ID

2. Export the GPG public key. Copy the entire output, including “-----BEGIN PGP PUBLIC KEY BLOCK-----” and “-----END PGP PUBLIC KEY BLOCK-----”.

   gpg --armor --export YOUR_KEY_ID

   

Adding GPG Public Key to GitCode

1. Log in to GitCode, go to "Personal Settings" -> "Security Settings" -> "GPG Public Key".

2. Click “+ GPG Public Key”.

3. In the “Key Name” field, provide a descriptive name for the public key.

4. Paste the exported GPG public key into the “Key” text box.

5. Click “Create” to complete the operation.

6. A confirmation message saying “Verified” indicates successful creation.

   

Configuring Git to Use GPG Signing

1. Set the GPG key in Git:

   git config --global user.signingkey YOUR_KEY_ID

2. Enable automatic GPG signing of commits:

   git config --global commit.gpgsign true

By configuring SSH and GPG public keys, you can more securely and efficiently host and collaborate on code on the GitCode platform. Reasonably configure these two types of public keys according to your needs, and they will protect your development journey!