diff options
| author | Nicholas Johnson <nick@nicholasjohnson.ch> | 2023-11-30 00:00:00 +0000 |
|---|---|---|
| committer | Nicholas Johnson <nick@nicholasjohnson.ch> | 2023-11-30 00:00:00 +0000 |
| commit | a72d345f9fd07b9878be09aea90ed53e2e2648c6923ac7fb9abc934daa31e72d (patch) | |
| tree | a4715c1966a939d6715f1c1060bab2c72e8e6d3fea6de1293fc67408cde416f4 /HOWTO.md | |
| parent | b7f7dad048c9568870b2045d0fa67f08c30a42cf0e55abc743672d292c517dfd (diff) | |
| download | git-privacy-a72d345f9fd07b9878be09aea90ed53e2e2648c6923ac7fb9abc934daa31e72d.tar.gz git-privacy-a72d345f9fd07b9878be09aea90ed53e2e2648c6923ac7fb9abc934daa31e72d.zip | |
Switch to the Diátaxis documentation approach
Diffstat (limited to 'HOWTO.md')
| -rw-r--r-- | HOWTO.md | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/HOWTO.md b/HOWTO.md new file mode 100644 index 0000000..c926c2d --- /dev/null +++ b/HOWTO.md @@ -0,0 +1,71 @@ +# Git Privacy + +Follow the instructions in this document to obfuscate Git timestamps. + +## View Commit Timestamps + +To view commit timestamps, run: + +```sh +git log --format=fuller +``` + +## Obfuscate Timestamps for Commits and Annotated Tags + +For maximum privacy, set the author and committer dates to a clearly forged fixed date in UTC inside the interactive shell configuration: + +```sh +export GIT_AUTHOR_DATE="2000/01/01T00:00:00+0000" +export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE" +``` + +To balance privacy and timestamp accuracy, set the author and committer dates to a course-grained date in UTC inside the interactive shell configuration: + +```sh +export GIT_AUTHOR_DATE="$(date -u +%DT00:00:00%z)" +export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE" +``` + +Remember that shell environment variables do not change after being set, so dates update only after a new interactive shell is opened. + +## Obfuscate Timestamps for Digital Signatures + +For maximum privacy, create a custom version of GnuPG with a fixed timestamp set **between when the signing key was generated and the current date**: + +```sh +#!/bin/sh +gpg --faked-system-time <iso>! $@ +``` + +See gpg(1) for valid `<iso>` formats. + +To balance privacy and timestamp accuracy, create a custom version of GnuPG with a course-grained timestamp in UTC set **after the signing key was generated**: + +```sh +#!/bin/sh +gpg --faked-system-time "$(date -u +%Y%m%dT000000)!" $@ +``` + +Set the script as executable: + +```sh +chmod +x /path/to/custom-gpg.sh +``` + +Tell Git to use the new script: + +```sh +git config --global gpg.program /path/to/custom-gpg.sh +``` + +## Forges + +To prevent forges from tracking Git push times, create a Cron job which pushes the repository at fixed intervals: + +```cron +0 6 * * * git -C /path/to/repo/ push origin master +``` + +## License + +This file is licensed under [CC-BY-SA 4.0](LICENSE). |