brew install gnupg pinentry-mac
(this includes gpg-agent and pinentry)- Generate a key:
gpg --full-generate-key
- Use at least 4096 bits for RSA keys.
- Tell gpg-agent to use pinentry-mac:
vim ~/.gnupg/gpg-agent.conf
paste in
# Connects gpg-agent to the OSX keychain via the brew-installed$
# pinentry program from GPGtools. This is the OSX 'magic sauce',$
# allowing the gpg key's passphrase to be stored in the login$
# keychain, enabling automatic key signing.$
pinentry-program /usr/local/bin/pinentry-mac
Also tell gpg to use the agent:
vim ~/.gnupg/gpg.conf
Paste in
use-agent
- Tell git about it: https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work.
gpg --list-keys
/Users/schacon/.gnupg/pubring.gpg
---------------------------------
pub rsa4096 2014-06-04 [SC]
D375F2AG69227695AEDE12DAC793FA377AB5A26
uid John Doe <john.doe@email.com>
sub rsa4096 2014-06-04
git config --global user.signingkey 0A46826A
- Tell git that you are using gpg
git config --global gpg.program gpg
- Tell github about it https://help.github.com/articles/adding-a-new-gpg-key-to-your-github-account/
- Restart maybe or kill any running gpg-agents. They will not work.
- Sign your commits
git commit -S -m 'yolo'
- Consider signing all your commits. In
~/.gitconfig
:
[commit]
gpgsign = true
or
$ git config --global commit.gpgsign true
View your keys with gpg --list-keys
Generate the rsa key using:
gpg --armor --export your_key
or gpg --armor --export your_key | pbcopy
to copy the stdo into your clipboard.
And add it on GitHub.
gpg --list-keys
to list all the key(s) on your machine
then:
gpg --delete-key your_key
If there is a secret key associate with the above public, you will be prompted on the terminal. You need to delete the secret key as well.
gpg --delete-secret-key {your_key}
Confirm yes on several prompts to really delete your key.
then try: gpg --delete-key {your_key}
to delete it.
Confirm your key list with gpg --list-keys
command again.