metadata
title: Managing commit signature verification
intro: >-
{% data variables.product.github %} will verify GPG, SSH, or S/MIME signatures
so other people will know that your commits come from a trusted source.{%
ifversion fpt %} {% data variables.product.github %} will automatically sign
commits you make using the web interface.{% endif %}
redirect_from:
- /articles/generating-a-gpg-key
- /articles/signing-commits-with-gpg
- /articles/managing-commit-signature-verification
- /github/authenticating-to-github/managing-commit-signature-verification
versions:
fpt: '*'
ghes: '*'
ghec: '*'
topics:
- Identity
- Access management
children:
- /about-commit-signature-verification
- /displaying-verification-statuses-for-all-of-your-commits
- /checking-for-existing-gpg-keys
- /generating-a-new-gpg-key
- /adding-a-gpg-key-to-your-github-account
- /telling-git-about-your-signing-key
- /associating-an-email-with-your-gpg-key
- /signing-commits
- /signing-tags
shortTitle: Verify commit signatures