Skip to content

Instantly share code, notes, and snippets.

@danieleggert
Last active June 6, 2024 09:29
Show Gist options
  • Save danieleggert/b029d44d4a54b328c0bac65d46ba4c65 to your computer and use it in GitHub Desktop.
Save danieleggert/b029d44d4a54b328c0bac65d46ba4c65 to your computer and use it in GitHub Desktop.
How to set up git to use the GPG Suite

GPG and git on macOS

Setup

No need for homebrew or anything like that. Works with https://www.git-tower.com and the command line.

  1. Install https://gpgtools.org -- I'd suggest to do a customized install and deselect GPGMail.
  2. Create or import a key -- see below for https://keybase.io
  3. Run gpg --list-secret-keys and look for sec, use the key ID for the next step
  4. Configure git to use GPG -- replace the key with the one from gpg --list-secret-keys
git config --global gpg.program /usr/local/MacGPG2/bin/gpg2
git config --global user.signingkey A6B167E1 
git config --global commit.gpgsign true 
  1. Optionally configure annotated tags to be GPG signed
git config --global tag.forceSignAnnotated true
  1. Add this line to ~/.gnupg/gpg-agent.conf
pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac
  1. Add this line to ~/.gnupg/gpg.conf
no-tty

Keybase.io

Import key to GPG on another host

% keybase pgp export
% keybase pgp export -q CB86A866E870EE00 | gpg --import
% keybase pgp export -q CB86A866E870EE00 --secret | gpg --allow-secret-key-import --import

Add public GPG key to GitHub

% open https://github.com/settings/keys
% keybase pgp export -q CB86A866E440EE00 | pbcopy

See Also

@jdsampayo
Copy link

It appears in Homebrew new directory is /opt/homebrew/bin/pinentry-mac

@ZeroDeth
Copy link

2. git config --global gpg.program /usr/local/bin/gpg

Working. Thanks

@rifont
Copy link

rifont commented Sep 17, 2023

If you have already followed the instructions on Git to Generate a new GPG key, and you now want to use GPGTools to manage your key in the keychain, you can use this command to export from gpg (which GnuPG uses) and into gpg2 (which GPGTools uses).

> gpg --list-secret-keys
[keyboxd]
---------
sec   rsa4096 2023-09-16 [SC]
      YOUR_SECRET_KEY_ID
uid           [ unknown] Joe Bloggs <joe@bloggs.com>

> gpg --export-secret-key <YOUR_SECRET_KEY_ID> | gpg2 --import

After running command you will see the key imported into GPG Keychain UI with type sec/pub. I was then able to sign commits automatically via pinentry without entering a password (such as on Github Desktop).

source: https://unix.stackexchange.com/questions/481939/how-to-export-a-gpg-private-key-and-public-key-to-a-file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment