Skip to content

Instantly share code, notes, and snippets.

@mujahidk

mujahidk/gpg-key-signing.md

Last active January 18, 2024 22:14
Show Gist options
  • Save mujahidk/128a37abe0bdb0618334cc7079cd615a to your computer and use it in GitHub Desktop.
Save mujahidk/128a37abe0bdb0618334cc7079cd615a to your computer and use it in GitHub Desktop.
Download ZIP
GPG Key signing for Git.
Raw
gpg-key-signing.md

Generating GPG Keys and adding it to Git.

Generating GPG Keys

gpg --gen-key

List all GPG Keys

gpg --list-secret-keys --keyid-format LONG

Using the key from previous command get the public key.

Public key can be added to GitHub for Verified commits.

/home/username/.gnupg/pubring.gpg
---------------------------------
sec   rsa2048/KKKKKKKKKKKKKKKK 2017-12-16 [SC]
      XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uid                 [ xxxxxxx] Your Name <your-email@example.com>
ssb   rsa2048/XXXXXXXXXXXXXXXX 2017-12-16 [E]

KKKKKKKKKKKKKKKK is your secret key.

gpg --armor --export secret-key

Configure Git to use GPG Keys for signing commits.

# Global use
git config --global user.signingkey secret-key

# Repository use
git config user.signingkey secret-key

Git commit signing (-S parameter)

git commit -S -m "Commit message"

Enable default signing

git config --global commit.gpgsign true

GPG commit signatures

git log -4 --show-signature

Using GPG Public Key to encrypt.

Some one's public GPG Key.

gpg --import gpg-public-key.gpg

Encrypting a file using Public Key.

gpg --output new-encrypted-file.doc --encrypt --recipient recipient-email@example.com

Decrypting an Encrypted file.

gpg --output new-decrypted-file.doc --decrypt encrypted-file.doc

Testing gpg

echo "test" | gpg --clearsign

Issues and fixes

gpg: signing failed: Inappropriate ioctl for device

export GPG_TTY=$(tty)

Installing GPG on MacOS

brew install gpg2 gnupg pinentry-mac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment