Skip to content

Instantly share code, notes, and snippets.

@atelic

atelic/keybase_and_github.md

Created February 21, 2017 20:08
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save atelic/efdf82e027733d71a356a3aeacd3d67e to your computer and use it in GitHub Desktop.
Save atelic/efdf82e027733d71a356a3aeacd3d67e to your computer and use it in GitHub Desktop.
Download ZIP
Raw
keybase_and_github.md

Setting up Keybase and GitHub signatures

  1. Install Keybase and login
    1. $ brew cask install keybase
    2. $ keybase login
  2. Create a new GPG key on keybase
    1. $ keybase pgp gen --multi
    2. Follow instructions
    3. Note: the email used in the key must match the user email in your ~/.gitconfig
  3. Set up Git to sign all commits
    1. $ gpg --list-secret-keys
    2. $ git config --global user.signingkey sec
    3. $ git config --global commit.gpgsign true
  4. Add public GPG key to GitHub
    1. Go to https://github.com/settings/keys
    2. $ keybase pgp export -q ID | pbcopy
    3. New GPG Key > paste > save
  5. Import key to GPG on another host
    1. $ keybase pgp export -q ID | gpg --import
    2. $ keybase pgp export -q ID --secret | gpg --allow-secret-key-import --import
  6. Set as default GPG key
    1. vim ~/.gnupg/gpg.conf
    2. Add line: default-key sec
  7. Optional: Fix for Git UIs
    1. If you use a UI such as Git Tower or Github Desktop, you may need to configure git to point to the specific gpg executable:
    2. git config --global gpg.program $(which gpg)
  8. Optional: Disable TTY
    1. If you have problems with making autosigned commits from IDE or other software add no-tty config
    2. vim ~/.gnupg/gpg.conf
    3. Add line: no-tty
  9. Optional: Setting up TTY
    1. Depending on your personal setup, you might need to define the tty for gpg whenever your passphrase is prompted. Otherwise, you might encounter an Inappropriate ioctl for device error.
    2. vim ~/.profile (or other file that is sourced every time)
    3. Paste: GPG_TTY=$(tty) export GPG_TTY
  10. Optional: Don't ask for password every time
    1. $ brew install gpg-agent pinentry-mac
    2. vim ~/.gnupg/gpg-agent.conf
    3. Paste: use-standard-socket pinentry-program /usr/local/bin/pinentry-mac
  11. Commit and sign away!
    1. git commit -S -m “Great atomic code”
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment