Install GnuPG and the official GitHub CLI tool. Instructions:
- GitHub CLI https://github.com/cli/cli#installation
- GnuPG https://gnupg.org
```sh
# If you're using macOS and Homebrew
brew update && brew upgrade
brew install gnupg gh
# macOS or Linux
nix profile install nixpkgs#gh nixpkgs#gnupg nixpkgs#pinentry-curses
```
In case of a `pinentry` error, restart your `gpg-agent` with the path to `pinentry`.
```sh
gh auth login
# Follow remaining steps to auth GitHub CLI
```
Generate gpg key
```sh
gpg --full-generate-key
```
Options I selected:
- Select `1`
- `4096` bits long
- Expires in: `1y`
- name: YOUR GITHUB NAME (important)
- email: YOUR GITHUB EMAIL (important)
- Comment: optional (I didn't add anything)
- Passphrase (optional but you should)
Get your public key info
```sh
gpg --list-secret-keys --keyid-format=long
```
```
sec   rsa4096/[THIS_KEY_ID] 2021-07-07 [SC]
      2B18EEB732D15480D40A60D605AE1785E201CE95
uid                 [ultimate] Jon Die <[email protected]>
ssb   rsa4096/C98A99F6B0202433 2021-07-07 [E]
```
Copy `[THIS_KEY_ID]` (it should be 16 hexadecimal digits)
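A scripted way to get the key ID, as an added example that is not part of the original instructions: it parses `gpg --list-secret-keys --with-colons` output and checks that the ID is 16 hex characters and is the tail of the key's fingerprint. The function names and the sample records are constructed here; the sample reuses the fingerprint and subkey ID from the listing above.

```sh
#!/bin/sh
# Added example (not from the original page): read the key ID from gpg's
# machine-readable listing instead of copying it by eye. Real usage:
#   gpg --list-secret-keys --with-colons | primary_key_id

# Print the long key ID (field 5) of the first primary secret key ("sec").
primary_key_id() {
    awk -F: '$1 == "sec" { print $5; exit }'
}

# Print the fingerprint (field 10 of the "fpr" record after the first "sec").
primary_fingerprint() {
    awk -F: '$1 == "sec" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# Succeed only if $1 is exactly 16 hexadecimal characters.
is_long_key_id() {
    case "$1" in
        *[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 16 ]
}

# Succeed only if key ID $1 is the tail of the 40-character (v4) fingerprint $2.
matches_fingerprint() {
    is_long_key_id "$1" || return 1
    [ "${#2}" -eq 40 ] || return 1
    case "$2" in
        *"$1") return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample of --with-colons output; the fingerprint and subkey ID are
# the ones shown in the listing above, the other fields are made up.
SAMPLE='sec:u:4096:1:05AE1785E201CE95:1625616000:::u:::scESC:::+:::23::0:
fpr:::::::::2B18EEB732D15480D40A60D605AE1785E201CE95:
uid:u::::1625616000::0000000000000000000000000000000000000000::Jon Die <jon@example.invalid>::::::::::0:
ssb:u:4096:1:C98A99F6B0202433:1625616000::::::e:::+:::23:'

KEY_ID=$(printf '%s\n' "$SAMPLE" | primary_key_id)
FPR=$(printf '%s\n' "$SAMPLE" | primary_fingerprint)
if matches_fingerprint "$KEY_ID" "$FPR"; then
    echo "signing key: $KEY_ID (fingerprint $FPR)"
else
    echo "key ID does not match fingerprint" >&2
fi
```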
Save public key to a file
```sh
mkdir ~/public-keys
gpg --armor --export THIS_KEY_ID > ~/public-keys/GITHUB_GPG_PUBLIC_KEY.gpg
```
Let GitHub know about your key
```sh
gh auth refresh --scopes write:gpg_key
gh gpg-key add ~/public-keys/GITHUB_GPG_PUBLIC_KEY.gpg
```
Pick up the new GPG key as the signing key in git
(based on https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key)
```sh
git config --global --unset gpg.format
git config --global user.signingkey THIS_KEY_ID
git config --global commit.gpgsign true
```
## Step 6
Sign some commit on your account (may be crev-prove)
```sh
# Amend the most recent commit and sign it with the configured key
git commit --amend --gpg-sign
```
Publish to keyservers
```sh
gpg --send-keys THIS_KEY_ID
```
(as per https://security.stackexchange.com/questions/181208/sending-the-gpg-key-to-keyserver)
Optionally, you can set the GPG key on your Kusama Identity.