SSH Certificates and Git Signing
- #Code Signing
- #Git Security
- #SSH Certificates
- Author tags in source code can be misleading or falsified, posing security risks.
- Git supports cryptographic signing of commits and tags using OpenPGP, X.509, or SSH keys.
- SSH certificates provide a more secure alternative: the key is signed by a trusted party and carries metadata.
- Git can be configured to use SSH certificates for signing commits, enhancing security.
- Validating signatures in Git involves checking against a trusted key file, though native tooling has limitations.
- GitHub and GitLab support SSH certificates for authentication but, by default, do not trust them for commit signing.
- A custom tool was developed to verify commits signed by SSH certificates or allowed OpenPGP keys.
- Hardware security modules (TPMs, Secure Enclave) can store private keys, preventing theft.
- A TPM-backed SSH agent was created for secure key storage and usage across systems.
- Attestation can prove keys were generated in trusted hardware, enhancing security.
- SSH certificates for Git commit signing are superior to other methods, leveraging existing infrastructure.