Skip to content

Damning GPG Key

I tried to use GPG key months ago, and after a desperate search, I finally knew that I didn't read the doc carefully and forgot to tell git what gpg key to use.

And I happily reproduce the same on my Ubuntu virtual machine.

That's when interesting mystery took place.

GitHub said that the commits by my windows machine was unverified but the ones by Ubuntu IS verified.

WTH? That's IMPOSSIBLE! I even copied the private keys to windows machine and without luck.

Finally, I found out that the email setting was different between two machines and GitHub need the local email MUST equals the email/comment of GPG key.

Alright.

And today, when I have succeeded in signing many commits in different repos, I failed to sign this repo...

That's IMPOSSIBLE ENOUGH!

Fortunately, a command saved me:

git config -l

And I saw two user.signingkey there... Interesting ...

One is global and one is local, the local one is introduced in the early age when I configure the GPG key generated by windows locally and forgot to remove it...

Okey, I swear that there shall be NO DAMNING TROUBLE in GPG later on!