Add Set Up GPG Signing Key as a Git commit

README.md

@@ -10,9 +10,10 @@ pairing with smart people at Hashrocket.
 
 For a steady stream of TILs, [sign up for my newsletter](https://crafty-builder-6996.ck.page/e169c61186).
 
-_1662 TILs and counting..._
+_1663 TILs and counting..._
 
 See some of the other learning resources I work on:
+
 - [Get Started with Vimium](https://egghead.io/courses/get-started-with-vimium~3t5f7)
 - [Ruby Operator Lookup](https://www.visualmode.dev/ruby-operators)
 - [Vim Un-Alphabet](https://www.youtube.com/playlist?list=PL46-cKSxMYYCMpzXo6p0Cof8hJInYgohU)
@@ -391,6 +392,7 @@ If you've learned something here, support my efforts writing daily TILs by
 - [Run A Git Command From Outside The Repo](git/run-a-git-command-from-outside-the-repo.md)
 - [Set A Custom Pager For A Specific Command](git/set-a-custom-pager-for-a-specific-command.md)
 - [Set Default Branch Name For New Repos](git/set-default-branch-name-for-new-repos.md)
+- [Set Up GPG Signing Key](git/set-up-gpg-signing-key.md)
 - [Shorthand To Force Push A Branch](git/shorthand-to-force-push-a-branch.md)
 - [Show All Commits For A File Beyond Renaming](git/show-all-commits-for-a-file-beyond-renaming.md)
 - [Show Changes For Files That Match A Pattern](git/show-changes-for-files-that-match-a-pattern.md)

git/set-up-gpg-signing-key.md

@@ -0,0 +1,56 @@
+# Set Up GPG Signing Key
+
+I wanted to have that "Verified" icon start showing up next to my commits in
+GitHub. To do that, I need to generate a GPG key, configure the secret key in
+GitHub, and then configure the public signing key with my git config.
+
+```bash
+# generate a gpg key
+$ gpg --full-generate-key
+
+# Pick the following options when prompted
+# - Choose "RSA and RSA" (Options 1)
+# - Max out key size at 4096
+# - Choose expiration date (e.g. 0 for no expiration)
+# - Enter "Real name" and "Email"
+    (I matched those to what is in my global git config)
+# - Set passphrase (I had 1password generate a 4-word passphrase)
+```
+
+It may take a few seconds to create.
+
+I can see it was created by listing my GPG keys.
+
+```bash
+$ gpg --list-secret-keys --keyid-format=long
+[keyboxd]
+---------
+sec   rsa4096/1A8656918A8D016B 2025-10-19 [SC]
+...
+```
+
+I'll need the `1A8656918A8D016B` portion of that response for the next command
+and it is what I set as my public signing key in my git config.
+
+First, though, I add the full key block to my GitHub profile which I can copy
+like so:
+
+```bash
+$ gpg --armor --export 1A8656918A8D016B | pbcopy
+```
+
+And then I paste that as a new GPG Key on GitHub under _Settings_ -> _SSH and
+GPG Keys_.
+
+Last, I update my global git config with the signing key and the preference to
+sign commits:
+
+```bash
+git config --global user.signingkey 1A8656918A8D016B
+git config --global commit.gpgsign true
+```
+
+Without `commit.gpgsign`, I would have to specify the `-S` flag every time I
+want to create a signed commit.
+
+[source](https://git-scm.com/book/ms/v2/Git-Tools-Signing-Your-Work)