On 19.11.2021 03:46, Thor Andreas Rognan wrote:
Thank you for filling out a Git bug report! Please answer the following questions to help us understand your issue. What did you do before the bug happened? (Steps to reproduce your issue) $ ssh-keygen -t ed25519 -C "me@xxxxxxxxxxx" $ mkdir -pv ~/tmp/example && cd ~/tmp/example && git init $ git config commit.gpgsign true $ git config gpg.format ssh $ git config user.signingkey "$(cat ~/.ssh/id_ed25519.pub)" $ mkdir -p ~/.config/git/ && touch ~/.config/git/allowed_signers\ && chmod 0600 ~/.config/git/allowed_signers $ cat ~/.ssh/id_ed25519.pub | awk '{print email " " $0}' email=$(git config user.email)\ >> ~/.config/git/allowed_signers $ git config gpg.ssh.allowedSignersFile "$HOME/.config/git/allowed_signers" $ git commit --allow-empty -m "Initial commit" $ git verify-commit HEAD What did you expect to happen? (Expected behavior) A verified signature without any error message. What happened instead? (Actual behavior) $ git verify-commit HEAD Good "git" signature with ED25519 key SHA256:... Too few arguments for sign/verify: missing namespace $ git log --show-signature commit 4697b474dd5ec0de14870d5b0eba5f579b852bbd (HEAD -> main) Good "git" signature with ED25519 key SHA256:... Too few arguments for sign/verify: missing namespace^M What's different between what you expected and what actually happened? Ambiguous signature verification message. Anything else you want to add: Please review the rest of the bug report below. You can delete any lines you don't wish to share. [System Info] git version: git version 2.34.0 cpu: x86_64 no commit associated with this build sizeof-long: 8 sizeof-size_t: 8 shell-path: /bin/sh uname: Darwin 20.6.0 Darwin Kernel Version 20.6.0: Mon Aug 30 06:12:21 PDT 2021; root:xnu-7195.141.6~3/RELEASE_X86_64 x86_64 compiler info: clang: 13.0.0 (clang-1300.0.29.3) libc info: no libc information available $SHELL (typically, interactive shell): /usr/local/bin/bash [Enabled Hooks]
Hi Thor, thanks for your report. I'm curious why verify complains about a missing namespace. This parameter is basically hard coded to every command :/ What version of openssh are you using (ssh -V)? Also, could you run the sign & the verify with a `GIT_TRACE=1`? This way we can see what the actual keygen commands are that are executed. Thanks, Fabian