---
title: Managing commit signature verification
intro: '{% data variables.product.github %} will verify GPG, SSH, or S/MIME signatures so other people will know that your commits come from a trusted source.{% ifversion fpt %} {% data variables.product.github %} will automatically sign commits you make using the web interface.{% endif %}'
redirect_from:
  - /articles/generating-a-gpg-key
  - /articles/signing-commits-with-gpg
  - /articles/managing-commit-signature-verification
  - /github/authenticating-to-github/managing-commit-signature-verification
versions:
  fpt: '*'
  ghes: '*'
  ghec: '*'
topics:
  - Identity
  - Access management
children:
  - /about-commit-signature-verification
  - /displaying-verification-statuses-for-all-of-your-commits
  - /checking-for-existing-gpg-keys
  - /generating-a-new-gpg-key
  - /adding-a-gpg-key-to-your-github-account
  - /telling-git-about-your-signing-key
  - /associating-an-email-with-your-gpg-key
  - /signing-commits
  - /signing-tags
shortTitle: Verify commit signatures
---