GPG and git on macOS
Setup
No need for homebrew or anything like that. Works with https://www.git-tower.com and the command line.
- Install https://gpgtools.org -- I'd suggest doing a customized install and deselecting GPGMail.
- Create or import a key -- see below for https://keybase.io
- Run
    gpg --list-secret-keys
  and look for sec, use the key ID for the next step
- Configure git to use GPG -- replace the key with the one from gpg --list-secret-keys
    git config --global gpg.program /usr/local/MacGPG2/bin/gpg2
    git config --global user.signingkey A6B167E1
    git config --global commit.gpgsign true
- Optionally configure annotated tags to be GPG signed
    git config --global tag.forceSignAnnotated true
- Add this line to ~/.gnupg/gpg-agent.conf
    pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac
- Add this line to ~/.gnupg/gpg.conf
    no-tty
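A way to check the result of the setup steps above, as an added example that is not part of the original gist. The function names and the sample listing are constructed for illustration, and the key is assumed to be configured as a hex ID; an 8-digit ID such as the one above matches any secret key whose long ID ends in those digits, so the audit reports ambiguity as a failure.

```sh
# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# Field 1 is the record type, field 5 the 16-hex-digit long key ID.
SAMPLE='sec:u:4096:1:1111AAAAA6B167E1:1500000000:::u:::scESC:
uid:u::::1500000000::0000::Example User <user@example.com>:
ssb:u:4096:1:3333CCCC0000DDDD:1500000000::::::e:
sec:u:4096:1:CB86A866E870EE00:1500000001:::u:::scESC:'

# match_signing_key ID < listing: print the long ID of every secret primary
# key whose ID ends in ID (short ID, long ID or fingerprint, optional 0x).
match_signing_key() {
    want=$(printf '%s' "${1#0x}" | tr 'a-f' 'A-F')
    awk -F: -v want="$want" '
        $1 == "sec" {
            id = toupper($5); w = want
            if (length(w) > 16) w = substr(w, length(w) - 15)  # fingerprint: keep low 64 bits
            if (w != "" && substr(id, length(id) - length(w) + 1) == w) print id
        }'
}

# audit_signing_key ID < listing: 0 = exactly one match, 1 = none, 2 = ambiguous.
audit_signing_key() {
    n=$(match_signing_key "$1" | wc -l | tr -d ' ')
    case "$n" in 0) return 1 ;; 1) return 0 ;; *) return 2 ;; esac
}

# has_conf_line FILE LINE: succeed only if FILE contains LINE verbatim.
has_conf_line() {
    [ -f "$1" ] && grep -Fxq -- "$2" "$1"
}

# audit_live: run the same checks against this machine's real configuration.
audit_live() {
    gpg_bin=$(git config --global gpg.program) || gpg_bin=gpg
    key=$(git config --global user.signingkey) || { echo "user.signingkey unset"; return 1; }
    "$gpg_bin" --list-secret-keys --with-colons | audit_signing_key "$key" ||
        { echo "signing key $key: missing or ambiguous in secret keyring"; return 1; }
    [ "$(git config --global commit.gpgsign)" = true ] ||
        { echo "commit.gpgsign is not true"; return 1; }
    has_conf_line "$HOME/.gnupg/gpg-agent.conf" "pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac" ||
        { echo "pinentry-program line missing from gpg-agent.conf"; return 1; }
    has_conf_line "$HOME/.gnupg/gpg.conf" no-tty ||
        { echo "no-tty missing from gpg.conf"; return 1; }
    echo "signing setup OK"
}
```

Source the file and call `audit_live` on the configured Mac; the other functions read a listing on stdin, so they can be tried against `$SAMPLE` without touching a keyring.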
Keybase.io
Import key to GPG on another host
% keybase pgp export
% keybase pgp export -q CB86A866E870EE00 | gpg --import
% keybase pgp export -q CB86A866E870EE00 --secret | gpg --allow-secret-key-import --import
Add public GPG key to GitHub
% open https://github.com/settings/keys
% keybase pgp export -q CB86A866E440EE00 | pbcopy
See Also
- https://github.com/pstadler/keybase-gpg-github
- /usr/local/MacGPG2 -- this is where MacGPG binaries live
- https://gpgtools.org
- https://www.git-tower.com
If you have already followed the instructions on Git to Generate a new GPG key, and you now want to use GPGTools to manage your key in the keychain, you can use this command to export from gpg (which GnuPG uses) and into gpg2 (which GPGTools uses).
After running the command you will see the key imported into GPG Keychain UI with type sec/pub. I was then able to sign commits automatically via pinentry without entering a password (such as on GitHub Desktop).
source: https://unix.stackexchange.com/questions/481939/how-to-export-a-gpg-private-key-and-public-key-to-a-file