Skip to content

Instantly share code, notes, and snippets.

@carlosescri

carlosescri/.profile

Forked from bmhatfield/.profile
Last active Oct 22, 2018
Embed
What would you like to do?
Automatic Git commit signing with GPG on OSX
GPG_TTY=$(tty)
export GPG_TTY
# Enables GPG to find gpg-agent
use-standard-socket
# Connects gpg-agent to the OSX keychain via the brew-installed
# pinentry program from GPGtools. This is the OSX 'magic sauce',
# allowing the gpg key's passphrase to be stored in the login
# keychain, enabling automatic key signing.
pinentry-program /usr/local/bin/pinentry-mac
# Uncomment within config (or add this line)
use-agent
# This silences the "you need a passphrase" message once the passphrase handling is all set.
# Use at your own discretion - may prevent the successful interactive use of some operations.
# It is working fine for my use cases though.
batch
# A quick outline of what must be done to get everything working.
# 1) Install the dependencies.
brew install gpg pinentry-mac
# 2) Configure git to automatically gpgsign commits. This consists of
# pointing git to your signing key ID, and then enabling commit
# automatic signing.
git config --global user.signingkey <YOUR-SIGNING-KEY-PUB-ID>
git config --global commit.gpgsign true
# 3) Configure the GPG components (see above for relevant examples):
# ~/.gnupg/gpg.conf
# ~/.gnupg/gpg-agent.conf
# 4) Start the daemon and configure your shell (see above for example in .profile).
# ~/.bash_profile | ~/.zshrc | ~/.profile
# Don't forget to upload your public key to Github!
# https://github.com/blog/2144-gpg-signature-verification
# Note: There needs to be a three-way match on your email for Github to show
# the commit as 'verified': The commit email, github email, & the email associated with the public key
# Learn about creating a GPG key and the knowledge behind these commands here:
# https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment