PATATT(5) PATATT(5) NAME PATATT - DKIM-like cryptographic patch attestation SYNOPSIS patatt {sign,validate,genkey,install-hook} [options] DESCRIPTION This tools allows cryptographically signing patches sent via email by using DKIM-like message headers. This approach is both effective and doesn't interfere with other code review tools the way inline or detached PGP signatures do. For a full overview of core concepts and considerations, please see README. If you already have a PGP key configured for signing git tags or commits, then you should be able to use patatt without any additional configuration. Try running the following in any git repository: git format-patch -1 --stdout | patatt sign If patatt is not finding your PGP key, try adding the following to your ~/.gitconfig: [user] signingkey = [yourkeyid] To find out your keyid, run gpg --list-secret-keys. If you want to use a specific subkey, you can specify the subkey ID with a ! at the end. USING AS A GIT HOOK If you use git-send-email for sending patches, then you can get them automatically signed via the sendemail-validate hook. To install, run the following command in the repository you want enabled for signing: $ patatt install-hook Or you can install it manually: $ echo 'patatt sign --hook "${1}"' >> .git/hooks/sendemail-validate $ chmod a+x .git/hooks/sendemail-validate SUBCOMMANDS o sign: sign stdin or RFC2822 files passed as arguments o validate: basic validation for signed messages o genkey: generate a new ed25519 keypair o install-hook: install sendemail-validate hook in the current repository You can run patatt [subcommand] --help to see a summary of flags for each subcommand. SUPPORT Please email tools@linux.kernel.org with support requests. AUTHOR mricon@kernel.org License: MIT-0 COPYRIGHT The Linux Foundation and contributors 0.6.0 2022-08-22 PATATT(5)