mirror of
https://github.com/jbranchaud/til
synced 2026-01-03 15:18:01 +00:00
57 lines
1.6 KiB
Markdown
57 lines
1.6 KiB
Markdown
# Set Up GPG Signing Key
|
|
|
|
I wanted to have that "Verified" icon start showing up next to my commits in
|
|
GitHub. To do that, I need to generate a GPG key, configure the secret key in
|
|
GitHub, and then configure the public signing key with my git config.
|
|
|
|
```bash
|
|
# generate a gpg key
|
|
$ gpg --full-generate-key
|
|
|
|
# Pick the following options when prompted
|
|
# - Choose "RSA and RSA" (Options 1)
|
|
# - Max out key size at 4096
|
|
# - Choose expiration date (e.g. 0 for no expiration)
|
|
# - Enter "Real name" and "Email"
|
|
(I matched those to what is in my global git config)
|
|
# - Set passphrase (I had 1password generate a 4-word passphrase)
|
|
```
|
|
|
|
It may take a few seconds to create.
|
|
|
|
I can see it was created by listing my GPG keys.
|
|
|
|
```bash
|
|
$ gpg --list-secret-keys --keyid-format=long
|
|
[keyboxd]
|
|
---------
|
|
sec rsa4096/1A8656918A8D016B 2025-10-19 [SC]
|
|
...
|
|
```
|
|
|
|
I'll need the `1A8656918A8D016B` portion of that response for the next command
|
|
and it is what I set as my public signing key in my git config.
|
|
|
|
First, though, I add the full key block to my GitHub profile which I can copy
|
|
like so:
|
|
|
|
```bash
|
|
$ gpg --armor --export 1A8656918A8D016B | pbcopy
|
|
```
|
|
|
|
And then I paste that as a new GPG Key on GitHub under _Settings_ -> _SSH and
|
|
GPG Keys_.
|
|
|
|
Last, I update my global git config with the signing key and the preference to
|
|
sign commits:
|
|
|
|
```bash
|
|
git config --global user.signingkey 1A8656918A8D016B
|
|
git config --global commit.gpgsign true
|
|
```
|
|
|
|
Without `commit.gpgsign`, I would have to specify the `-S` flag every time I
|
|
want to create a signed commit.
|
|
|
|
[source](https://git-scm.com/book/ms/v2/Git-Tools-Signing-Your-Work)
|