This gist walks you through setting up automatic GPG signing of Git commits on Windows.
If you have GNUPG or GPG4WIN installed, you will need to uninstall them before following this gist.
Open a command line shell. In the command line shell, type the following:
where gpg.exe
Example output:
D:\Tools\Git\usr\bin\gpg.exe
This should point to the bin directory of your Git install, which is your {GPGBINFOLDER}. For example: D:\Tools\Git\usr\bin
For GNUPG it's usually:
C:\Program Files (x86)\gnupg\bin\gpg.exe
However, it can be found by issuing the command:
gpgconf --list-dirs
Look for the bindir line in the output. %3a is an encoded ":"; once you replace it, the rest of the line is your {GPGBINFOLDER}.
The location of the gpg.exe file will be used as {GPGBIN} later in this gist.
This step can be skipped if you chose to keep GNUPG or GPG4WIN and wish to use their version of GPG. However, you will still need the {GPGBINFOLDER}.
Open System Properties -> Advanced -> Environment Variables
Edit the Path variable and add the directory found above. For example: D:\Tools\Git\usr\bin
Restart your command line shell
Once you have restarted your command line shell, verify that the correct GPG is running by issuing the command:
gpg --help
{COMMAND}
gpg --gen-key
{COMMAND}
gpg --full-generate-key
Run the {COMMAND} in your command line shell. Follow the prompts.
What kind of key: (default: RSA and RSA) [ENTER]
Key size: (default: 2048) 4096 [ENTER]
Valid period: (default: 0 - doesn't expire) [ENTER]
Now that the basic settings are done we need to specify the Real Name, Email and a comment. Email SHOULD match your git user data.
To check your git user data run the following commands:
git config --global user.name
git config --global user.email
gpg --list-secret-keys --keyid-format LONG
Example output:
gpg --list-secret-keys --keyid-format LONG
/c/Users/example/.gnupg/secring.gpg
------------------------------------
sec 4096R/3AA5C34371567BD2 2018-04-04
uid [REAL NAME] ([COMMENT]) [EMAIL]
ssb 4096R/42B317FD4BA89E7A 2018-04-04
In the above example the {GPGKEY} would be 3AA5C34371567BD2. It is the hexadecimal ID on the sec line.
Run the following command to retrieve your {GPGARMOR}:
gpg --armor --export {GPGKEY}
Go to https://github.com/settings/keys
Click "New GPG Key"
Paste your {GPGARMOR} into the text field and submit
Run the following commands:
git config --global user.signingkey {GPGKEY}
git config --global gpg.program {GPGBIN}
git config --global commit.gpgsign true
Now you're all set up to make GPG-signed commits.
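The {GPGBINFOLDER} lookup, the {GPGKEY} lookup and the e-mail match from the steps above can be scripted. This is an added example, not part of the original gist, written for a POSIX shell such as the Git Bash that ships with Git for Windows; the helper names (gpg_bindir, gpg_long_keyid, gpg_uid_has_email) and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original gist. Each helper reads tool output on
# stdin, so it can be tried on the constructed samples below without gpg.

# {GPGBINFOLDER}: value of the bindir line from `gpgconf --list-dirs`, with the
# percent-escaped colon (%3a) decoded. CRs from Windows tools are stripped.
gpg_bindir() {
  tr -d '\r' | sed -n 's/^bindir://p' | sed 's/%3[aA]/:/g' | head -n 1
}

# {GPGKEY}: long key ID from the first "sec" line of
# `gpg --list-secret-keys --keyid-format LONG`. Handles both "4096R/<ID>"
# (older GnuPG) and "rsa4096/<ID>" (newer GnuPG). "sec#" lines (secret key
# not present on this machine) are skipped because they cannot sign.
gpg_long_keyid() {
  tr -d '\r' | awk '$1 == "sec" { split($2, p, "/"); print p[2]; exit }'
}

# Succeeds only if a uid line carries <email>; pass `git config user.email`.
gpg_uid_has_email() {
  tr -d '\r' | grep '^uid' | grep -qiF "<$1>"
}

# Constructed sample output. The key IDs are the ones from the example listing
# in the text; the name, comment and address are placeholders.
SAMPLE_DIRS='sysconfdir:C%3a\ProgramData\GNU\etc\gnupg
bindir:C%3a\Program Files (x86)\gnupg\bin
homedir:C%3a\Users\example\AppData\Roaming\gnupg'

SAMPLE_KEYS='sec   rsa4096/3AA5C34371567BD2 2018-04-04 [SC]
uid                 [ultimate] Example User (Work PC) <user@example.com>
ssb   rsa4096/42B317FD4BA89E7A 2018-04-04 [E]'

printf 'GPGBINFOLDER=%s\n' "$(printf '%s\n' "$SAMPLE_DIRS" | gpg_bindir)"
printf 'GPGKEY=%s\n' "$(printf '%s\n' "$SAMPLE_KEYS" | gpg_long_keyid)"
if printf '%s\n' "$SAMPLE_KEYS" | gpg_uid_has_email 'user@example.com'; then
  echo 'uid e-mail matches git user.email'
else
  echo 'uid e-mail does NOT match git user.email' >&2
fi
```

On a real machine, pipe the live commands into the helpers instead of the samples, for example gpgconf --list-dirs | gpg_bindir and gpg --list-secret-keys --keyid-format LONG | gpg_long_keyid.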
Note: You will need to follow these steps on all computers which you commit on. Personally, I use the comment field of the GPG key to identify which computer that GPG key belongs to.
An example would be:
Real Name: Nathaniel Hyson
Email: [email protected]
Comment: CLDMV Work PC - Nathaniel
This information is available via the User ID Packet (userID) of the public key. Although GitHub does not support showing this information, it is there nonetheless.
The Public GPG Key Data can be viewed from the following tool: http://cirw.in/gpg-decoder/