Beyarz/gpg-guide.md

Last active December 11, 2019 23:37

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/Beyarz/80868207c5ea8e963c38567c6c6f49ce.js"></script>
Save Beyarz/80868207c5ea8e963c38567c6c6f49ce to your computer and use it in GitHub Desktop.

Download ZIP

Step-by-step guide on how to sign your commits.

Raw

gpg-guide.md

Step-by-step guide

I expect you to already have gpg installed.

Generate key if you haven't

gpg --gen-key

Use an existing key

gpg --list-keys

Make signing automatic

git config --global commit.gpgsign true

Add your key to git

KEY_ID_HERE should look something like this 156F3F39AA6272333E92670FDFGK0600CC500F03

gpg --list-keys
git config --global user.signingkey KEY_ID_HERE

Export your public key

gpg --armor --output beyarz.asc --export [email protected]
gpg --armor --export [email protected]

Restart

killall gpg-agent
gpg-agent --daemon

See if it works

touch signed.txt
git add .
git commit -m "Testing to signed commit"
git push

Auto sign

Having to sign every commit is exhausting, GPG Keychain solves that by signing it for you. https://gpgtools.org

Download pinentry afterwards brew install pinentry-mac

Add the following to ~/.gnupg/gpg-agent.conf

# Connects gpg-agent to the OSX keychain via the brew-installed
# pinentry program from GPGtools.
pinentry-program /usr/local/bin/pinentry-mac

Change password

gpg --list-keys gpg --edit-key ID gpg> passwd gpg> save

Add your public key to your account

Github - https://help.github.com/articles/adding-a-new-gpg-key-to-your-github-account/
Gitlab - https://docs.gitlab.com/ee/user/project/repository/gpg_signed_commits/
Bitbucket - https://confluence.atlassian.com/bitbucketserver/using-gpg-keys-913477014.html#UsingGPGkeys-AddaGPGkeytoBitbucketServer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment