5/7/2023 0 Comments Github desktop macSpammers have been known to harvest email addresses from these servers.You cannot delete your key once submitted.Step 19: Submitting Your Key to a Public Keyserver (very optional)īefore you jump on submitting your key to a service such as the MIT PGP Key Server, you should consider the following: Login into and go to your settings, SSH and GPG Keys, and add your GPG key from the page. Step 18: Submit your PGP key to Github to verify your Commits You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain. You will now be prompted by Pinentry for the password for your signing key. Step 16: Perform a Commit git commit -S -s -m "My Signed Commit" This tells Git to sign all commits using the key you specified in step 13. Step 15: Configure Git to sign all commits (Optional-you can configure this per repository too) The below command needs the fingerprint from step 10 above: git config -global user.signingkey 1111111 Step 14: Configure Git to use your signing key Step 13: Configure Git to use gpg git config -global gpg.program $(which gpg) Documentation on how to do that is here # The export command below gives you the key you add to GitHub The output from below is what you copy to Github. In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the placeholder. *You need to copy the output from your terminal similar to the example above where the # is following the slash. Use the next command to generate a short form of the key fingerprint.Ĭopy the text after the rsa4096/ and before the date generated and use the copied id in step 13: gpg -K -keyid-format SHORT You need a Passphrase to protect your secret key. You need a user ID to identify your key the software constructs the user IDįrom the Real Name, Comment and Email Address in this form:Ĭhange (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o Please specify how long the key should be valid. If you want to follow best practices, you will want to look into generating a Primary key and then Subkeys and the secure handling involved with that. There are a number of arguments on the topic of expiration dates with GPG Keys, for brevity and the sake of keeping this explanation simple we're not using Subkeys in this example and showing a non-expiring example. Once you have entered your options, pinentry will prompt you for a password for the new PGP key. Run the following command to generate your key, note we have to use the -expert flag so as to generate a 4096-bit key. To ensure that you don't run into issues, run the below command to ensure a freshly configured gpg-agent is launched. You will need to modify the permissions to 700 to secure this directory. Step 6: Update the Permissions on your ~/.gnupg Directory # if using bash through homebrew over ssh use Step 5: Restart your Terminal or source your ~/.*rc file # on the built-in bash on macos use # This tells gpg to use the gpg-agentĪppend the following to your ~/.bash_profile or ~/.bashrc or ~/.zshrc. Step 3: Update or Create ~/.gnupg/gpg.conf # Tells GPG which pinentry program to useĮcho "pinentry-program $(brew -prefix)/bin/pinentry-mac" > ~/.gnupg/nf EDIT: June 2022 - Fixes single quotes to allow expansion of the subshell # Make the directory If this directory does not exist, create it. We use the Homebrew package manager for this step.
0 Comments
Leave a Reply. |