GPG signed commits on mac

To set up signed commits on mac:

  • gpg --gen-key to generate the key

  • gpg --list-secret-keys --keyid-format LONG to list your key plus its long key (after the slash after the 2048 or 4096 bit length)

  • gpg --armor --export <PASTE_LONG_KEY_HERE> |pbcopy to copy to public key your clipboard so you can paste it in your profile.

  • git config --global user.signingkey <PASTE_LONG_KEY_HERE> and git config --global commit.gpgsign true to add the key to your git config so you will be signing all your commits using that key. Make sure you want that setting to be global, or per git repo.

  • add echo 'export GPG_TTY=$(tty)' to your .bash_profile or your .zshrc. this will make git ask you for your gpg passhprase every time you commit, to have it remembered, do the following:

  • The following is specific for macs and will add the passphrase to your keychain so you won't be asked every time:

brew upgrade gnupg
brew link --overwrite gnupg
brew install pinentry-mac
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
killall gpg-agent

Try echo "test" | gpg --clearsign for it to ask for your passphrase so it can be added to keychain. In the popup window make sure you tick the box to add to keychain.

Information collected from:

© Copyright 2019-2021 by Theocharis Ledakis.