# Signing patches

In any distributed system, it is important to be able to tell your coauthors who you are in a secure way. One possible way to do this is to sign your patches, which Pijul does using PGP keys.

If you choose to do so, others will expect your patches to be signed, and will be able to reject attempts to impersonate you.

Signing patches doesn't prevent others from stealing your patches, ripping off the patches' signatures and signing them as their own, though.

After a keypair is generated, pijul record will automatically sign all your patches.

## Generating a secret key

Pijul can generate signing keys, either per repository (the keys are then stored in the .pijul of that repository) or globally (in which case the keys are stored in your home directory, in .pijulconfig).

To generate a global signing key, run the following command in a terminal:

pijul key gen --signing-id me@example.com


pijul key upload me@nest.pijul.com