# Configuring Signed Commits on Paradime with SSH Keys

This guide explains how to set up SSH key-based commit signing on Paradime, which enhances the security and verification of your Git commits.

### Why Sign Your Commits?

Signing your commits verifies that you are the author of your code changes and helps maintain the integrity of your codebase by preventing commit spoofing.

{% hint style="info" %}

### Prerequisites

* Paradime IDE access
* Git repository initialized in your Paradime workspace
* GitHub account (for adding your signing key)
  {% endhint %}

### Setup Instructions

#### Step 1: Create the Setup Script

In your Paradime IDE, create a new file called `setup_git_signed_commits.sh` with the following content:

```bash
#!/bin/bash

# Function to check if we're in a git repository
check_git_repo() {
    if ! git rev-parse --git-dir > /dev/null 2>&1; then
        echo "Error: Not a git repository"
        exit 1
    fi
}

# Function to generate SSH key
generate_ssh_key() {
    local key_comment=$1
    
    if [ -f ~/.ssh/git_signing_key ]; then
        echo "Warning: SSH key git_signing_key already exists"
        read -p "Do you want to overwrite it? (y/n) " -n 1 -r
        echo
        if [[ ! $REPLY =~ ^[Yy]$ ]]; then
            echo "Aborting..."
            exit 1
        fi
    fi
    
    ssh-keygen -t ed25519 -C "$key_comment" -f ~/.ssh/git_signing_key -N ""
    
    # Set correct permissions
    chmod 600 ~/.ssh/git_signing_key
    chmod 644 ~/.ssh/git_signing_key.pub
}

# Function to configure git
configure_git() {
    echo -e "\nSetting local git configuration to use the generated signing key.."
    
    git config gpg.format ssh
    git config user.signingkey "~/.ssh/git_signing_key.pub"
    git config commit.gpgsign true
    
    echo -e "Git configuration complete!\n\n"
}

# Function to display public key
display_key() {
    echo "Here's your public key to add to GitHub:"
    echo "----------------------------------------"
    cat ~/.ssh/git_signing_key.pub
    echo "----------------------------------------"
    echo "Add this key to GitHub by visiting: https://github.com/settings/keys"
    echo "Make sure to choose the key type as 'Signing Key' when adding it. Once done, your setup is complete."
}

# Main script
main() {
    check_git_repo
    
    # Get user input
    read -p "Enter a comment for your key (e.g., your name, email, etc): " key_comment
    
    # Setup steps
    generate_ssh_key "$key_comment"
    configure_git
    display_key
}

# Run main function
main
```

#### Step 2: Make the Script Executable

Open your Paradime terminal and run the following command to make the script executable:

```bash
chmod +x setup_git_signed_commits.sh
```

#### Step 3: Run the Setup Script

Execute the script by running:

```bash
./setup_git_signed_commits.sh
```

When prompted, enter a comment for your key (typically your name and email address).

#### Step 4: Add Your Signing Key to GitHub

1. Copy the public key that is displayed in the terminal output
2. Go to your GitHub account settings: <https://github.com/settings/keys>
3. Click "New SSH key"
4. Choose "Signing Key" as the key type
5. Paste your public key in the provided field
6. Give your key a descriptive title
7. Click "Add SSH key"

#### Step 5: Verification

Your setup is now complete! Every new commit you make in this repository will be automatically signed with your SSH key.

You can verify a signed commit by viewing it on GitHub, where you should see a "Verified" badge next to properly signed commits.