grarpamp's email address proposed a way to sign messages using age. You publicise a private key, and encrypt hashes to it. age ostensibly has a way to generate public keys from private keys, in this commit, haven't looked: https://github.com/FiloSottile/age/commit/f31d4eca473cb904174bc3658f84dbc1b6... seems it would be fun to use the message signing approach. My local age is version 1.0.0~rc1 and does not yet have the -y option needed for making the encrypted signatures. $ age --version 1.0.0~rc1 I seem to already have a ~/src/age folder with git sources, so I tried to pull the latest changes and rebuild. Unfortunately, the latest changes are a different codebase from mine: ubuntu@ubuntu:~/src/age $ git remote -v origin https://github.com/FiloSottile/age.git (fetch) origin https://github.com/FiloSottile/age.git (push) ubuntu@ubuntu:~/src/age $ git pull fatal: refusing to merge unrelated histories It turns out my repo was on the master branch, which has somehow had its history entirely rebased. Whereas the branch renamed to main, has history that aligns with my history. $ git merge origin/main # fast-forwards fine $ git checkout -b main $ git merge origin/master # fails, unrelated histories repo commits: ubuntu@ubuntu:~/src/age $ git log origin/master | head commit 80a2ea62921170c29f66461b9c1221746ad9b0ab Author: Filippo Valsorda Date: Tue Sep 7 11:15:17 2021 +0200 Placeholder branch for Homebrew migration ubuntu@ubuntu:~/src/age $ git log origin/main | head commit 34118023094cf02fc68c84968df92a7495ce17e9 Author: Filippo Valsorda Date: Fri Jan 7 12:25:26 2022 +0100 cmd/age: offer a hint when the file was corrupted by PowerShell I would still like to find a way to offer a warning while doing the encryption, rather than at decryption time, but better than nothing. Updates #290 However!, unfortunately: ubuntu@ubuntu:~/src/age $ git log f31d4eca473cb904174bc3658f84dbc1b6dc195d fatal: bad object f31d4eca473cb904174bc3658f84dbc1b6dc195d The commit containing the -y option does not appear to be on any of the branches the server sent. I'm sure it is somewhere!