Git Commits signed with GPG Key

Owned by Alan Chapman, created
Last updated: May 15, 2024 by rahull1
2 min read

Overview

Set up your environment to automatically sign git commits with your personalized key, verifying your work in the repository.

Instructions

Step 1: Generate Key

Create a gpg key, as your asurite user: gpg --full-generate-key

Accept default options, fill in your name, email and set a passphrase with your key

$ gpg --gen-key gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: William Nolastname Email address: wnolast@asu.edu You selected this USER-ID: "William Nolastname <wnolast@asu.edu>" gpg: /home/[asurite]/.gnupg/trustdb.gpg: trustdb created gpg: key A8BDEFD1 marked as ultimately trusted public and secret key created and signed.

 

Step 2: List all your generated keys

$ gpg --list-keys /home/[asurite]/.gnupg/pubring.gpg ------------------------------- pub 2048R/A8BDEFD1 2022-02-24 uid William Nolastname <wnolast@asu.edu> sub 2048R/CDF1031F 2022-02-24

Step 3: Set up your git config to use your new key

$ git config --global user.name "William Nolastname" $ git config --global user.email "[asurite]@asu.edu" $ git config --global user.signingkey A8BDEFD1 $ git config --global commit.gpgsign true

Step 4: Generate your public GPG key:

Step 5: Copy Key

Take the ---BEGIN PGP PUBLIC KEY BLOCK--- all the way to ---END PGP PUBLIC KEY BLOCK---and paste it into your user profile: https://git.rc.asu.edu

Step 6: Optional

If you set a passphrase (you should have), you can configure the passphrase to be typed in in your current session window:

From now on, each commit you make from this system will be signed with your key.

Additional Help

 

Arizona State University