https://help.github.com/en/articles/managing-commit-signature-verification
-
Check for existing GPG keys
gpg --list-secret-keys --keyid-format LONG
If there is a GPG key, skip to Step 4
-
Create a GPG key if you don't already have one
gpg --full-generate-key
Answer the questions, and use your GitHub email.
-
Make sure you now have a GPG key
gpg --list-secret-keys --keyid-format LONG
-
Copy the GPG key ID. In this example, the GPG key ID is
3AA5C34371567BD2$ gpg --list-secret-keys --keyid-format LONG /Users/hubot/.gnupg/secring.gpg ------------------------------------ sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10] uid Hubot ssb 4096R/42B317FD4BA89E7A 2016-03-10
-
Paste the text below, substituting in your GPG key ID. In this example, the GPG key ID is
3AA5C34371567BD2:gpg --armor --export 3AA5C34371567BD2 # Prints the GPG key ID, in ASCII armor format -
Copy your GPG key, beginning with
-----BEGIN PGP PUBLIC KEY BLOCK-----and ending with-----END PGP PUBLIC KEY BLOCK----- -
Add your GPG key to your GitHub account in settings
Settings>SSH and GPG Keys>New GPG KeyPaste your GPG key into the "key" field and save.
-
Paste the text below, substituting in the GPG key ID, to set your GPG signing key in Git. In this example, the GPG key ID is
3AA5C34371567BD2:git config --global user.signingkey 3AA5C34371567BD2
-
Add this line to your bash/zsh profile
export GPG_TTY=$(tty)
-
Tell Git to sign every commit
git config --global commit.gpgsign true -
Add these lines to your
~/.gnupg/gpg-agent.confto make gpg remember your passphrase usinggpg-agentdefault-cache-ttl 34560000 max-cache-ttl 34560000
34560000 seconds = 400 days
-
Restart
gpg-agentfor changes to take effectgpg-connect-agent reloadagent /bye
If
gpg-agentis not running you can start it with this commandgpg-agent --daemon