Make Verified Commits

🎯 Goal: How to make commits that show the green "Verified" badge on GitHub.

✅ What You Need:

A GitHub account
Git installed on your computer
GitHub CLI or GPG/SSH key setup (explained below)

✨ What is a Verified Commit?

A verified commit means GitHub has confirmed the commit was made by you and was signed with a trusted key (GPG or SSH).

You'll see a green Verified badge next to the commit like this:

✔️ Verified

🎓 Method 1: Verified Commits Using SSH Key

Step 1: Check if You Already Have an SSH Key

Open your terminal and run:

ls ~/.ssh

Look for a file like id_ed25519.pub or id_rsa.pub. If you don't see one, generate a new key.

Step 2: Generate a New SSH Key (If Needed)

ssh-keygen -t ed25519 -C "your_email@example.com"

Just press Enter for each prompt.

Step 3: Add the SSH Key to GitHub

Copy the SSH key:

cat ~/.ssh/id_ed25519.pub

Go to GitHub SSH Settings
Paste the key, give it a name, and click Add SSH Key

Step 4: Tell Git to Use This Key

Edit or create the file ~/.ssh/config:

Host github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_ed25519
  IdentitiesOnly yes

Step 5: Make a Commit That is Verified

Now that your identity is confirmed by SSH:

Make a change to your code
Commit it:

git commit -m "🌟 Your message"

Push:

git push origin branch-name

GitHub will show the Verified badge!

🔐 Method 2: Verified Commits Using GPG Key

Step 1: Install GPG

Windows: Install Gpg4win
macOS: Run brew install gnupg
Linux: Run sudo apt install gnupg

Step 2: Generate a GPG Key

gpg --full-generate-key

Choose option 1 (RSA and RSA)
Use key size 4096
Set expiration if desired
Enter your GitHub email address when prompted

Step 3: List Your Keys

gpg --list-secret-keys --keyid-format LONG

You’ll see something like:

sec   rsa4096/3AA5C34371567BD2 2025-05-06 [SC]

Copy the part after rsa4096/ — in this case, 3AA5C34371567BD2

Step 4: Tell Git to Use This Key

git config --global user.signingkey 3AA5C34371567BD2
git config --global commit.gpgsign true

Step 5: Add the Key to GitHub

Export your public GPG key:

gpg --armor --export your_email@example.com

Copy the output
Go to GitHub GPG Settings → New GPG key
Paste and save

Step 6: Make a Verified Commit

Now commit and push:

git commit -m "🔐 Verified via GPG"
git push origin branch-name

Your commit will now show as Verified.

🎉 Done!

You now know how to make verified commits using either SSH or GPG.

✅ What You Need:​

✨ What is a Verified Commit?​

🎓 Method 1: Verified Commits Using SSH Key​

Step 1: Check if You Already Have an SSH Key​

Step 2: Generate a New SSH Key (If Needed)​

Step 3: Add the SSH Key to GitHub​

Step 4: Tell Git to Use This Key​

Step 5: Make a Commit That is Verified​

🔐 Method 2: Verified Commits Using GPG Key​

Step 1: Install GPG​

Step 2: Generate a GPG Key​

Step 3: List Your Keys​

Step 4: Tell Git to Use This Key​

Step 5: Add the Key to GitHub​

Step 6: Make a Verified Commit​

🎉 Done!​

✅ What You Need:

✨ What is a Verified Commit?

🎓 Method 1: Verified Commits Using SSH Key

Step 1: Check if You Already Have an SSH Key

Step 2: Generate a New SSH Key (If Needed)

Step 3: Add the SSH Key to GitHub

Step 4: Tell Git to Use This Key

Step 5: Make a Commit That is Verified

🔐 Method 2: Verified Commits Using GPG Key

Step 1: Install GPG

Step 2: Generate a GPG Key

Step 3: List Your Keys

Step 4: Tell Git to Use This Key

Step 5: Add the Key to GitHub

Step 6: Make a Verified Commit

🎉 Done!