Signing Git Commits
Introduction This is a guide to help you sign your Git commits in an open source project, in order to verify that the owner of the submitted code is you and only you.
Git enables us to use whatever email and username we want when doing a git commit. This can be easily used for malicious purposes, as anyone can pretend to be another person when commiting a piece of code.
GPG Keys - Create & Use
Introduction If you are into Linux or the Security field you most likely have heard the terms: PGP, GPG, GnuPG, OpenPGP. They sometimes are being used interchangeably to describe e.g. how to encrypt mails or how to verify signatures of installed programs and packages. It might be difficult for new users to understand the differences, and how the PGP encryption works, but it is simple if explained.
PGP: Pretty Good Privacy (PGP) is is an encryption program that provides cryptographic privacy and authentication for data communication.