- From GPG4Win
- Command line:
gpg-connect-agent /bye
to start the gpg-connect agent.
Log output
gpg-connect-agent: no running gpg-agent - starting 'C:\\Program Files (x86)\\Gpg4win\\..\\GnuPG\\bin\\gpg-agent.exe'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to the agent established
- Edit
%APPDATA%\.gnupg\gpg-agent.conf
to enable PuTTY compatibility
File content
enable-putty-support
enable-ssh-support
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200
- Command line:
gpg-connect-agent killagent /bye && gpg-connect-agent /bye
to restart the agent.
Log output
OK closing connection
gpg-connect-agent: no running gpg-agent - starting 'C:\\Program Files (x86)\\Gpg4win\\..\\GnuPG\\bin\\gpg-agent.exe'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to the agent established
- Open "Kleopatra" and import the YubiKey public keys.
- Choose "Import" and select your
XXX_public.asc
to import your public key. - Trust your key with lvl-5 (ultimate) trust.
gpg --edit-key XXX-XXX-XXX
trust
and choose5
, theny
. Return withquit
.- (Should be optional:) Restart gpg agent as shown in step 4.
- Kleopatra should now show the key as certified.
- Copy your signing key ID. (Either from GitHub / GitLab / ... or from Kleopatra)
- Configure:
git config --global commit.gpgsign true
to enable GPG signing on all projects. - Configure:
git config --global user.signingkey XXX-XXX-XXX
to tell Git which key to use. - (Optionally:) Verify that your commit signing works by committing something.
- Install PuTTY (if you haven't already). So that we can use PLink as the SSH gateway application for Git. For better compatibility with our configurations, I'd recommend unchecking setting any defaults in the installer.
- Set your
GIT_SSH
environment variable to useC:\Program Files\PuTTY\plink.exe
. - Because of the env-change, restart your IDE applications (like IDEA, VSCode etc.)
Nearly all of this setup is derived from other online sources. Since no of the guides appears to be entirely up to date / cover my entire use case, I've created this as a note to myself.