I have just lost my old gpg key by accident. I'm wondering if I can remove each commit's gpg sign or resign it with my new gpg key?
Is there a way to remove gpg sign of all previous commits or resign it with another gpg key
I know this is an old question but i came across a similiar situation where i had to sign(re-sign actually) bunch of old commits. First confirm how many of the previous commits you want to (re)sign:
git log --show-signature
Suppose you want to sign the previous 5 commits then you can do:
git rebase -i HEAD~5
In the editor you will see your commits:
...
pick 4dd9ec5 fixed wrong config
pick 89d21f4 minor fix
...
Just add this line after every commit that you want to sign(re-sign).
exec git commit --amend --no-edit -s
So it would look like :
...
pick 4dd9ec5 fixed wrong config
exec git commit --amend --no-edit -s
pick 89d21f4 minor fix
exec git commit --amend --no-edit -s
...
Save and exit:
NOTE: Make sure you have force push priviledge (git push -f) in the upstream repository because this most likely would require to push with all force.
ANOTHER NOTE: With this method you can sign all but one previous commit. You may not be able to sign your initial commit.
Regarding your last comment: Doesn't
git rebase --root allow that? –
Kenzie To remove a GPG signature from a previous commit, first make sure commits are not signed automatically:
git config commit.gpgsign false
Then amend the commit with:
git commit --amend --no-edit --no-signoff
The --no-signoff option is the one that removes the signature
© 2022 - 2025 — McMap. All rights reserved.
git rebase --exec 'git commit --amend --no-edit -S <keyid>? – Elbertelberta-S<keyid>with no space;-S <keyid>is treated as-S, i.e., no key-ID specified, and then the keyid argument is treated as a file name (which gets you the pathspec error). – Cedillo