git integration

Before we begin

A private (secret) key must be present in your GPG keyring. If you don’t have your keyring set up, see the GPG Key Lifecycle to generate a new key.

Configure git

First, find the long (16-character) key ID of the secret signing subkey using the following command.

$ gpg --list-secret-keys --keyid-format=long

Force git to use exactly the signing key that we specify (the subkey). Notice the trailing ‘!’ on the key ID when setting the key: it tells gpg to use that specific subkey rather than selecting one on its own. The value is passed unchanged to gpg’s --local-user parameter, so you may specify a key using any method that gpg supports.

$ git config --local user.signingkey "0123456789ABCD!"

Signing by default

Set a local repository to sign commits automatically:

git config --local commit.gpgsign true

Or globally set git to sign commits automatically:

git config --global commit.gpgsign true

Verifying signatures

Use the --show-signature argument to pass signatures to gpg for validation.

git log --show-signature

This will work with any alias you might use as well.

git alias
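
For automated checks, the same verification result is available in machine-readable form through the %G? placeholder of git log. The following is an added example, not part of the original page: the function names audit_signatures and sample_log, the --strict flag and the sample hashes are constructed for illustration.

```shell
#!/bin/sh
# Audit commit signature status. Input lines are "<hash> <status>", as
# produced by:  git log --format='%H %G?' <range>
# %G? codes: G good, B bad, U good but key validity unknown,
# X good but signature expired, Y good but made by an expired key,
# R good but made by a revoked key, E cannot be checked (e.g. missing
# public key), N no signature.

# Prints one line per unacceptable commit and returns non-zero if any.
# --strict (a flag of this example only) also rejects status U.
audit_signatures() {
    strict=0
    if [ "${1:-}" = "--strict" ]; then strict=1; fi
    failures=0
    while read -r hash status || [ -n "$hash" ]; do
        [ -n "$hash" ] || continue          # skip blank lines
        case "$status" in
            G) continue ;;
            U) [ "$strict" = 1 ] || continue
               reason="good signature, key validity unknown" ;;
            B) reason="BAD signature" ;;
            X) reason="signature expired" ;;
            Y) reason="signed by expired key" ;;
            R) reason="signed by revoked key" ;;
            E) reason="cannot check (missing public key?)" ;;
            N) reason="unsigned" ;;
            *) reason="unrecognized status '$status'" ;;
        esac
        printf '%s %s\n' "$hash" "$reason"
        failures=$((failures + 1))
    done
    [ "$failures" -eq 0 ]
}

# Constructed sample input standing in for real git log output.
sample_log() {
    printf '%s\n' \
        '1111111111111111111111111111111111111111 G' \
        '2222222222222222222222222222222222222222 N' \
        '3333333333333333333333333333333333333333 U' \
        '4444444444444444444444444444444444444444 B'
}

sample_log | audit_signatures || echo "signature audit failed"
```

In a repository, replace sample_log with the git log command shown in the header comment; status E usually means the signer's public key has not been imported into the local keyring.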
