That command will produce a list of (dynamic) libraries that are being used by that helper. It will look somewhat like this (this is copied from my Arch instalation):

	linux-vdso.so.1 (0x00007edb2f060000)
	libcurl.so.4 => /usr/lib/libcurl.so.4 (0x00007edb2ee6f000)
	libpcre2-8.so.0 => /usr/lib/libpcre2-8.so.0 (0x00007edb2edd1000)
	libz.so.1 => /usr/lib/libz.so.1 (0x00007edb2edb8000)
	libc.so.6 => /usr/lib/libc.so.6 (0x00007edb2ebcc000)
	libnghttp3.so.9 => /usr/lib/libnghttp3.so.9 (0x00007edb2eba9000)
	libnghttp2.so.14 => /usr/lib/libnghttp2.so.14 (0x00007edb2eb7f000)
	libidn2.so.0 => /usr/lib/libidn2.so.0 (0x00007edb2eb5b000)
	libssh2.so.1 => /usr/lib/libssh2.so.1 (0x00007edb2eb12000)
	libpsl.so.5 => /usr/lib/libpsl.so.5 (0x00007edb2eafe000)
	libssl.so.3 => /usr/lib/libssl.so.3 (0x00007edb2ea24000)
	libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x00007edb2e400000)
	libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00007edb2e9d0000)
	libzstd.so.1 => /usr/lib/libzstd.so.1 (0x00007edb2e8ef000)
	libbrotlidec.so.1 => /usr/lib/libbrotlidec.so.1 (0x00007edb2e8e0000)
	/lib64/ld-linux-x86-64.so.2 => /usr/lib64/ld-linux-x86-64.so.2 (0x00007edb2f062000)
	libunistring.so.5 => /usr/lib/libunistring.so.5 (0x00007edb2e250000)
	libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00007edb2e178000)
	libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00007edb2e14a000)
	libcom_err.so.2 => /usr/lib/libcom_err.so.2 (0x00007edb2e8d8000)
	libkrb5support.so.0 => /usr/lib/libkrb5support.so.0 (0x00007edb2e13c000)
	libkeyutils.so.1 => /usr/lib/libkeyutils.so.1 (0x00007edb2e8d1000)
	libresolv.so.2 => /usr/lib/libresolv.so.2 (0x00007edb2e12a000)
	libbrotlicommon.so.1 => /usr/lib/libbrotlicommon.so.1 (0x00007edb2e107000)

It might be a good idea actually to try running this both when it works and when it doesn’t, maybe there is some difference?

ldd /usr/lib/git-core/git-remote-https?

Have you tried etckeeper? I haven’t, but it’s supposed to be an improvement over just using git in this usecase.

I am no cryptographer, but I understand that in the SSH protocol, the keys are only used for signing anyway: that is, the user is authenticated by saying “I want to authenticate with some key, and here’s some data signed by this key”, and this is completely separate to encryption. It also seems that GitHub encourages using separate keys for commit signing and general SSH access, which might alleviate some of the ickyness.

You are really not wrong though, I feel like people only started using SSH for this because it kinda worked and they already have been familiar with it.

Just wanted to say that you actually can sign git commits using SSH keys! :) It’s nowhere close to being as flexible as what you suggest, but it’s also not GPG, so there’s that.

You could make an argument that not using banking apps decreases your security, since most banks use either SMS or those apps as the second factor while confirming the operations. It is true that the apps are of varying quality, but SMS is not really a serious alternative. Some banks do have apps that are limited to confirming operations, and one bank where I live did recently start accepting U2F, which is amazing news.

Same for Polish. One funny thing I’ve noticed is that in one of the examples, the person tries to stay at a hotel, and the price is clearly in the old currency, which has not been used since 1997.