GPG

Using GPG for verified Git commits
  1. Get gpg command
brew install gnupg
  1. Generate GPG key
gpg --full-generate-key
  1. List GPG keys for derek@derekzoladz.com
gpg --list-secret-keys --keyid-format LONG derek@derekzoladz.com
  1. Copy the GPG key ID that starts with sec. In the following example, 488652B776349D07:
sec   rsa4096/488652B776349D07 2019-12-14 [SC]
      8AAF3B17369BFB6A36171FFA76349D07488652B7
uid                 [ultimate] Derek Zoladz (None) <derek@derekzoladz.com>
ssb   rsa4096/8A3A7957EECFC9AA 2019-12-14 [E]
  1. Export the public key of that ID
gpg --armor --export 488652B776349D07

  1. Copy the public GPG key and it to both GitLab and GitHub accounts

  2. Tell Git to use your GPG key to sign commits

git config --global user.signingkey 488652B776349D07
  1. Tell Git to sign your commits automatically, to avoid using the -S flag with every commit
git config --global commit.gpgsign true
  1. Export GPG key
# temporary
export GPG_TTY=$(tty)

-or-

# add to .bashrc or .zshrc to load at each session
GPG_TTY=$(tty)
export GPG_TTY
Last modified May 10, 2021: ADD: front-matter to notebook files (c9fea35)