From 5924edf4c0116fb81948757e59439ab762ad46c7 Mon Sep 17 00:00:00 2001 From: jbranchaud Date: Sun, 19 Oct 2025 15:06:09 -0500 Subject: [PATCH] Add Set Up GPG Signing Key as a Git commit --- README.md | 4 ++- git/set-up-gpg-signing-key.md | 56 +++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 git/set-up-gpg-signing-key.md diff --git a/README.md b/README.md index 56213bd..3388ec2 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,10 @@ pairing with smart people at Hashrocket. For a steady stream of TILs, [sign up for my newsletter](https://crafty-builder-6996.ck.page/e169c61186). -_1662 TILs and counting..._ +_1663 TILs and counting..._ See some of the other learning resources I work on: + - [Get Started with Vimium](https://egghead.io/courses/get-started-with-vimium~3t5f7) - [Ruby Operator Lookup](https://www.visualmode.dev/ruby-operators) - [Vim Un-Alphabet](https://www.youtube.com/playlist?list=PL46-cKSxMYYCMpzXo6p0Cof8hJInYgohU) @@ -391,6 +392,7 @@ If you've learned something here, support my efforts writing daily TILs by - [Run A Git Command From Outside The Repo](git/run-a-git-command-from-outside-the-repo.md) - [Set A Custom Pager For A Specific Command](git/set-a-custom-pager-for-a-specific-command.md) - [Set Default Branch Name For New Repos](git/set-default-branch-name-for-new-repos.md) +- [Set Up GPG Signing Key](git/set-up-gpg-signing-key.md) - [Shorthand To Force Push A Branch](git/shorthand-to-force-push-a-branch.md) - [Show All Commits For A File Beyond Renaming](git/show-all-commits-for-a-file-beyond-renaming.md) - [Show Changes For Files That Match A Pattern](git/show-changes-for-files-that-match-a-pattern.md) diff --git a/git/set-up-gpg-signing-key.md b/git/set-up-gpg-signing-key.md new file mode 100644 index 0000000..5faadba --- /dev/null +++ b/git/set-up-gpg-signing-key.md @@ -0,0 +1,56 @@ +# Set Up GPG Signing Key + +I wanted to have that "Verified" icon start showing up next to my commits in +GitHub. To do that, I need to generate a GPG key, configure the secret key in +GitHub, and then configure the public signing key with my git config. + +```bash +# generate a gpg key +$ gpg --full-generate-key + +# Pick the following options when prompted +# - Choose "RSA and RSA" (Options 1) +# - Max out key size at 4096 +# - Choose expiration date (e.g. 0 for no expiration) +# - Enter "Real name" and "Email" + (I matched those to what is in my global git config) +# - Set passphrase (I had 1password generate a 4-word passphrase) +``` + +It may take a few seconds to create. + +I can see it was created by listing my GPG keys. + +```bash +$ gpg --list-secret-keys --keyid-format=long +[keyboxd] +--------- +sec rsa4096/1A8656918A8D016B 2025-10-19 [SC] +... +``` + +I'll need the `1A8656918A8D016B` portion of that response for the next command +and it is what I set as my public signing key in my git config. + +First, though, I add the full key block to my GitHub profile which I can copy +like so: + +```bash +$ gpg --armor --export 1A8656918A8D016B | pbcopy +``` + +And then I paste that as a new GPG Key on GitHub under _Settings_ -> _SSH and +GPG Keys_. + +Last, I update my global git config with the signing key and the preference to +sign commits: + +```bash +git config --global user.signingkey 1A8656918A8D016B +git config --global commit.gpgsign true +``` + +Without `commit.gpgsign`, I would have to specify the `-S` flag every time I +want to create a signed commit. + +[source](https://git-scm.com/book/ms/v2/Git-Tools-Signing-Your-Work)