Gitfox
🌙

Commit Signing

Gitfox supports commit signing with OpenPGP and SSH keys in the direct-download and Setapp versions.

The Mac App Store version does not support commit signing.

Choose a signing key

Open Settings → Identities & Signing and create an identity. In the signing key picker you can:

OpenPGP keys that are expired, revoked, disabled, invalid, or unavailable are shown but cannot be selected.

Configure SSH trust

SSH signing uses Git's allowed signers file. Open Gitfox → Settings → Git and configure SSH Allowed Signers File if you want Gitfox to manage the configured file path.

When you add an identity with an SSH signing key, Gitfox adds that identity's email address and public key to the configured allowed signers file. If Git does not have gpg.ssh.allowedSignersFile configured yet, Gitfox creates ~/.config/git/allowed_signers and configures Git to use it.

OpenPGP signing uses your existing GPG keyring and Git configuration.

Sign a commit

The commit button menu exposes Sign Commit controls:

When signing is enabled, Gitfox passes the selected identity signing key to Git. SSH public keys are passed in the format Git expects for inline key material.