Sign Git commits

Jul 12, 2019

#certificates
#git
#gpg
#security
#signing

1. Find signingkey

Assuming you already have a GPG key:

$ gpg --list-secret-keys --keyid-format long
/home/neonew/.gnupg/pubring.kbx
-------------------------------
sec   rsa2048/1234567890123456 2018-09-01 [SC] [verfällt: 2019-09-01]
      21DC32103D5A8C9FE2B26EC61234567890123456
uid              [ ultimativ ] Andreas Mausch <andreas@test.com>
ssb   rsa2048/12345BEFBD9E7997 2018-09-01 [E] [verfällt: 2019-09-01]

In this case, 1234567890123456 would be your signingkey you need to configure in git.

2. Configure git user.signingkey

git config user.signingkey 1234567890123456

https://help.github.com/en/articles/telling-git-about-your-signing-key

3. Sign commits

In order to sign your commits, you can either use the -S command option:

git commit -S -m "My commit msg"

Or the method I personally prefer, to tell git to sign all commits automatically:

git config commit.gpgsign true