
Is it possible to sign Git commits on a different computer?

Çağlar Arlı

I'm doing some development work on an untrusted computer. I'd like to sign the commits I make from it, but I don't want my personal PGP key to touch this computer. Or maybe I'm using a PGP smart card and I can't present it to the computer because of the lack of a smart card reader.

Usually Git commit signing works by calling into the gpg executable on the local machine somehow. If I need to use a key that can't leave a computer, I'd do the commit from the computer that has the key. However, in this case, I can only make commits from this untrusted PC because it lives inside a private network and I can't get at the Git repository from outside.

I'd like to create a commit, then export some data object from the untrusted PC, bring it to the trusted PC, run a PGP command on this data, then bring the result back to the untrusted PC, and as a result the Git commit would become signed.

Is this possible and how would I set it up?
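
The round trip described in the question, as an added example that is not part of the original post: the data object to export is the unsigned commit body, and the detached signature made over it on the trusted machine is folded back in as a `gpgsig` header. It assumes a SHA-1 repository (SHA-256 repositories use a `gpgsig-sha256` header); the commit body and the signature text are constructed placeholders, and the function names are hypothetical.

```python
import hashlib

# Constructed sample: unsigned commit body as `git cat-file commit HEAD`
# prints it on the untrusted machine (identity and timestamps are made up).
UNSIGNED = (
    b"tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
    b"author Dev <dev@example.invalid> 1700000000 +0000\n"
    b"committer Dev <dev@example.invalid> 1700000000 +0000\n"
    b"\n"
    b"Add feature\n"
)
# Constructed stand-in for `gpg --armor --detach-sign` output produced on the
# trusted machine over exactly those bytes (placeholder, not a real signature).
SIGNATURE = (
    b"-----BEGIN PGP SIGNATURE-----\n\n"
    b"PLACEHOLDERSIGNATUREDATA\n"
    b"-----END PGP SIGNATURE-----\n"
)

def embed_signature(commit: bytes, armored_sig: bytes) -> bytes:
    """Return the commit body with the signature folded into a gpgsig header."""
    headers, sep, message = commit.partition(b"\n\n")
    if not sep:
        raise ValueError("no blank line between headers and message")
    if any(h.startswith(b"gpgsig ") for h in headers.split(b"\n")):
        raise ValueError("commit is already signed")
    lines = armored_sig.replace(b"\r\n", b"\n").rstrip(b"\n").split(b"\n")
    # Continuation lines start with one space; the armor's blank line becomes " ".
    return headers + b"\ngpgsig " + b"\n ".join(lines) + sep + message

def signed_payload(commit: bytes) -> bytes:
    """Strip the gpgsig header: these are the bytes the signature must cover."""
    headers, sep, message = commit.partition(b"\n\n")
    kept, in_sig = [], False
    for line in headers.split(b"\n"):
        in_sig = line.startswith(b"gpgsig ") or (in_sig and line.startswith(b" "))
        if not in_sig:
            kept.append(line)
    return b"\n".join(kept) + sep + message

def object_id(body: bytes) -> str:
    """SHA-1 object id git assigns to a commit with this body."""
    return hashlib.sha1(b"commit %d\0" % len(body) + body).hexdigest()

if __name__ == "__main__":
    signed = embed_signature(UNSIGNED, SIGNATURE)
    assert signed_payload(signed) == UNSIGNED  # signature still covers the export
    print(object_id(UNSIGNED), "->", object_id(signed))
```

The signed body can be stored with `git hash-object -t commit -w --stdin` and the branch pointed at the resulting id. Because the id changes, any later commits built on the unsigned one have to be recreated on top of the signed one.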