GPG signing for github & mac

I just went through a few steps to get gpg signing to work on my mac and show up on github. I wanted to quickly document the process since the instructions are a little bit scattered. All of it basically came from a few clicks on the github help pages, though, so thanks for all the info, github.

Step 1: Download and install GPG Suite
https://gpgtools.org/

Step 2: Create a gpg key via GUI, but not really?
After I followed the GPG Suite wizard to create a gpg key, it for some reason did not show up in the GPG Keychain GUI. Maybe I accidentally clicked “cancel”. I don’t know. I ended up ignoring this and moving on to the next step.

Step 3: Create a gpg key via command line.
https://help.github.com/articles/generating-a-new-gpg-key/

Step 4: Add that gpg key to GPG Keychain
While following instructions on Step 3, at one point you copy the public key to your clipboard. At this point, GPG Keychain notices that a gpg key is in your clipboard and asks if you want to import it. I said yes.

Step 5: Associate this GPG Key with your account on github
https://help.github.com/articles/adding-a-new-gpg-key-to-your-github-account/

Step 6: Tell git to always sign my commits

git config --global commit.gpgsign true

Step 7: Make a commit as usual
This magically pops up a window asking for my passphrase.
I told the keychain to remember my passphrase after entering it.
On subsequent commits, it doesn’t ask me anymore.

The end. After these steps, my commits started being automagically signed. On github the commits show up as “Verified”. I assume that it might be important to have parity between your committer identity and the name/email you put on your commits. Since mine match, I just didn’t have to worry about it.

Advertisements

About Dan Burton

I love functional programming and awesome type systems, which makes Haskell my obvious language of choice.
This entry was posted in Uncategorized. Bookmark the permalink.

One Response to GPG signing for github & mac

  1. Dan Burton says:

    Note that if you upgrade your mac, it will start using gpg2 instead of gpg1. This may cause problems. Here’s how I fixed:

    $ brew install pinentry-mac
    $ echo ‘use-agent’ >> ~/.gnupg/gpg.conf
    $ echo ‘pinentry-program /usr/local/bin/pinentry-mac’ >> ~/.gnupg/gpg-agent.conf

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s