1PATATT(5) PATATT(5)
2
6 PATATT - DKIM-like cryptographic patch attestation
7
9 patatt {sign,validate,genkey,install-hook} [options]
10
12 This tools allows cryptographically signing patches sent via email by
13 using DKIM-like message headers. This approach is both effective and
14 doesn't interfere with other code review tools the way inline or de‐
15 tached PGP signatures do. For a full overview of core concepts and con‐
16 siderations, please see README.
17 If you already have a PGP key configured for signing git tags or com‐
19 mits, then you should be able to use patatt without any additional con‐
20 figuration. Try running the following in any git repository:
21 git format-patch -1 --stdout | patatt sign
23 If patatt is not finding your PGP key, try adding the following to your
25 ~/.gitconfig:
26 [user]
28 signingkey = [yourkeyid]
29 To find out your keyid, run gpg --list-secret-keys. If you want to use
31 a specific subkey, you can specify the subkey ID with a ! at the end.
32
34 If you use git-send-email for sending patches, then you can get them
35 automatically signed via the sendemail-validate hook. To install, run
36 the following command in the repository you want enabled for signing:
37 $ patatt install-hook
39 Or you can install it manually:
41 $ echo 'patatt sign --hook "${1}"' >> .git/hooks/sendemail-validate
43 $ chmod a+x .git/hooks/sendemail-validate
44
46 • sign: sign stdin or RFC2822 files passed as arguments
47 • validate: basic validation for signed messages
49 • genkey: generate a new ed25519 keypair
51 • install-hook: install sendemail-validate hook in the current reposi‐
53 tory
54 You can run patatt [subcommand] --help to see a summary of flags for
56 each subcommand.
57
59 Please email tools@linux.kernel.org with support requests.
60
62 mricon@kernel.org
63 License: MIT-0
65
67 The Linux Foundation and contributors
680.6.0 2022-08-22 PATATT(5)