Skip to content

Instantly share code, notes, and snippets.

@pavel-rossinsky

pavel-rossinsky/gpg_keys.md

Last active April 26, 2020 10:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save pavel-rossinsky/617cee971570e6a852bb90315c5c8612 to your computer and use it in GitHub Desktop.
Save pavel-rossinsky/617cee971570e6a852bb90315c5c8612 to your computer and use it in GitHub Desktop.
Download ZIP
Commit Signature Verification. GPG keys.
Raw
gpg_keys.md

Managing commit signature verification on Mac. The way to auto sign-commits.

Generating a new GPG key

  1. Check if gpg2 is installed, run which gpg2 if the command outputs nothing, install GPG Keychain.
  2. Using the GPG Keychain utility generate a new key pair.
  3. In the GPG Keychain, export the public key, save it to your documents folder.
  4. Login to your GitHub account and navigate to https://github.com/settings/keys.
  5. Open the exported public key and copy its contents.
  6. Get back to GitHub, press the "New GPG key" button and paste the copied key.
  7. Run git config --global gpg.program gpg2, to make sure git uses gpg2 and not gpg.
  8. Git needs to know which key it is signing with, for this run 
    $ gpg --list-secret-keys --keyid-format LONG
 /Users/hubot/.gnupg/secring.gpg
 ------------------------------------
 sec   4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10]
 uid                          Hubot 
 ssb   4096R/42B317FD4BA89E7A 2016-03-10
    Copy the key ID you'd like to use. In this example, the GPG key ID is3AA5C34371567BD2.
  9. To set your GPG signing key in Git, paste the text below, substituting in the GPG key ID you'd like to use. In this example, the GPG key ID is 3AA5C34371567BD2: git config --global user.signingkey 3AA5C34371567BD2.
  10. Run git config --global commit.gpgsign true, this config option allows to sign all commits automatically.
  11. Run git config --list and verify your settings.

Installing the GPG Keychain utility

Download it from https://gpgtools.org/ and follow the installation instructions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment