index.html :: rss :: github :: telegram :: email

GPG: git commit signing

04 Oct 2024

How to set up git commit signing:

  1. Make sure you have gpg installed, and user.email configured for git.

  2. Enable GPG Agent: add use-agent line to ~/.gnupg/gpg.conf (create file if not exists).

  3. Start GPG agent on a shell launch, add to your .zshrc:

    export GPG_TTY=$(tty)
gpgconf --launch gpg-agent

  4. Generate new key gpg --full-gen-key or import the existing one. You can verify you have a private key with gpg --list-secret-keys --keyid-format SHORT.

  5. Configure Git to sign your commits with GPG key:

    # Replace 674CB45A with your key ID from a command above
git config --global user.signingkey 674CB45A
git config --global commit.gpgSign true
git config --global tag.gpgSign true

  6. Add public key to GitHub profile:

    # Replace 674CB45A with your key ID
gpg --armor --export 674CB45A

  7. Commit or --amend something, check that it works with git log --show-signature -1.

Source https://withblue.ink/2020/05/17/how-and-why-to-sign-git-commits.html.