Here we go...
- Install the required packages.
$ brew install gpg2 pinentry-mac
- Generate a GPG key pair.
$ gpg --full-generate-key
Press Enter to use the default RSA and RSA.
Enter 4096 for the keysize.
Press Enter to select that the key doesn’t expire.
Verify that your selections are correct.
Enter your GitHub username as Real Name.
Enter your Github email address.
Press Enter to leave the comment blank.
Enter O to continue if you don’t want to make any changes.
Enter a secure passphrase for your private key. (You can leave it blank if you don’t want to type in your passphrase everytime you want to commit)
Get the generated key.
$ gpg --list-keys
- From the list of GPG keys, copy the GPG key ID you’d like to use. In this example, the GPG key ID is
EXXXXX95E8DEA8E4DC96F794E4FFBC00C2CXXXXX
$ gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
/Users/aqhmal/.gnupg/pubring.kbx
--------------------------------
pub rsa4096 2021-02-14 [SC]
EXXXXX95E8DEA8E4DC96F794E4FFBC00C2CXXXXX
uid [ultimate] aqhmal <[email protected]>
sub rsa4096 2021-02-14 [E]
- Set your GPG signing key in Git.
$ git config --global user.signingkey <KEY_ID>
- Set the GPG program in Git.
$ git config --global gpg.program /usr/local/bin/gpg
- Set the gpgsign during commit to true in Git.
$ git config --global commit.gpgsign true
- Set the GPG_TTY variable in .zshrc
$ echo 'export GPG_TTY=$(tty)' >> ~/.zshrc
$ source ~/.zshrc
- Export the GPG key and copy the key, beginning with
-----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with-----END PGP PUBLIC KEY BLOCK-----
.
$ gpg --armor --export <KEY_ID>
- Go to this page and paste the copied key.