Goal
Securing your Git commits with GPG keys adds an extra layer of authenticity and integrity to your codebase. Follow these steps to effortlessly generate, configure, and use GPG keys for signing your Git commits.
1. Generate Your GPG Key
Start by installing the GPG command-line tool. On macOS, you can use Homebrew for this:
brew install gnupgGenerate your GPG key, using the default settings. Set up a passphrase when prompted:
gpg --full-generate-key2. Retrieve and Export Your GPG Key
To access your GPG key information, use the following command to list your secret keys:
gpg --list-secret-keys --keyid-format=longCopy the portion labeled as “A111111111A11A11” (Example: ed25519/A111111111A11A11).
Export your GPG key in ASCII armor format:
gpg --armor --export A111111111A11A113. Configure GPG for Git
GitHub Setup
Navigate to your GitHub account’s Settings -> SSH and GPG keys. Add a new GPG key and paste the content of the previously exported public key.
Git Configuration
Inform Git about your signing key:
git config --global user.signingkey A111111111A11A11Enforce GPG signature for all commits:
git config --global commit.gpgsign true4. Enhance GPG Experience
Install GPG Suite to securely store your passphrase:
brew install --cask gpg-suite5. Optimize GPG Environment
Edit your shell’s configuration file (e.g., ~/.zshrc) with elevated privileges:
sudo vim ~/.zshrcAdd the following line to the end of the file:
export GPG_TTY=$(tty)Save the file and update the configuration:
source ~/.zshrc6. Configure GPG Timeout
Adjust the GPG agent’s configuration to manage cache timeouts:
sudo vim ~/.gnupg/gpg-agent.confAdd the following lines:
default-cache-ttl 34560000
max-cache-ttl 345600007. Sign Your Commits
Now you’re ready to sign your commits using your GPG key:
git commit -s -m 'your commit'With these steps, you’ve seamlessly integrated GPG key generation, configuration, and commit signing into your Git workflow. Your commits are now backed by the assurance of cryptographic signatures, enhancing the security of your projects.
