diff --git a/verify.py b/verify.py
index 8d7330c..ae8ce66 100755
--- a/verify.py
+++ b/verify.py
@@ -33,9 +33,10 @@ def last_commit_for(dir: Path, ref: git.Reference):
 
 
 def keylist_to_principals(keyfile_text: str, email: str) -> str:
+    # trailing newline, otherwise git may get confused and reject the key
     return "\n".join(
         f"{email} {public_key}" for public_key in keyfile_text.splitlines()
-    )
+    ) + "\n"
 
 
 def get_forgejo_keys(username: str) -> str:
@@ -53,7 +54,8 @@ def verify_dir(dir: Path, ref: git.Reference):
         raise Exception("Missing keyfile")
     commit = last_commit_for(dir, ref)
     log.debug(f"Found last commit: {commit.name_rev}")
-    if commit.author.name != username:
+    # ignore author casing
+    if commit.author.name.lower() != username.lower():
         raise Exception(
             f"Commit author {commit.author.name} is not the owner of this directory."
         )
@@ -80,9 +82,10 @@ def verify_dir(dir: Path, ref: git.Reference):
             config.set_value("gpg.ssh", "allowedSignersFile", temp_keyfile.name)
 
         temp_keyfile_contents = keylist_to_principals(remote_keys, email)
-        log.debug(f"temp keyfile:\n{temp_keyfile_contents}")
         temp_keyfile.write(temp_keyfile_contents)
         temp_keyfile.flush()
+
+        log.debug(f"temp keyfile:\n{Path(temp_keyfile.name).read_text()}")
         # Check whether one of the user keys signed this commit.
         # throws an exception automatically if verification fails, nothing else to do
         ref.repo.git.verify_commit("--raw", commit.hexsha)