Repository to try out ssh signatures on tags and/or commits.

Suggested local configuration:

  git config --local gpg.format ssh
  git config --local user.signingkey "key::$(< key.pub)"
  git config --local gpg.ssh.allowedSignersFile allowed_signers
  git config --local log.showSignature true

Signed commits can be made using git commit -S, and they are displayed
by git log. (Short option -s is somethign different, to add a signoff line).

Signed tags can be made using git tag -s. Signed tags are always
annotated, and should have a message.

Signing files is can be done using

    ssh-keygen -Y sign -f key.pub -n "file" MSG

(since only public key is given, ssh-agent is required). This can be
verified without any metadata using

    ssh-keygen -Y check-novalidate -f key.pub -n "file" -s SIG_FILE < MSG

To verify against a listed key, use

    ssh-keygen -Y verify -f allowed_signers -I id -n namespace -s SIG_FILE < MSG