How so show SSH key in git log?

Question

We are using git with gitolite and sometimes my users change there names with

git config --global user.name 

so I would like to see some more details in the log to find out if someone has change the name setting but is still the same workstation (ssh key). Anyway to do this?

Answer 1

In the gitolite 3.x you can IIRC add a VREF constraint that committer (or author) matches SSH key used, or HTTP auth user (I guess it uses the username part of user.email, or whole of user.email).

Though this is discouraged as a pre-receive hook (i.e. block), you can set up post-receive hook instead to log and compare committers with auth usernames.

Answer 2

IMO, the ssh keys in commit messages will be a complete overkill. You don't want your commit messages to look up completely screwed some x days later, just because each of them contain different ssh keys.

You should have a look at git notes to supplement your commits with additonal information. In the notes, you can add the committer's Username and other environment variables.

Worst case, you can add the ssh keys in git notes, though I am not sure how that stops malicious users who currently fake commits in some other user's name from trying to hack around and get hold of some other user's ssh keys. More importantly, if developers are doing this in complicity with each other, the ssh keys will be completely insufficient.

Assuming you are on linux, you can get the username using

printenv | grep USER

You can similarly choose other details you need from the environment that you need to put into the git note.

Next, you can write a post-commit hook which automatically adds all this information post every commit.