Time needed: 5 minutes.
How to Sign All GitHub Commits
- Install gpg2, or any other software you’re comfortable with
sudo apt install gnupg2
- Generate a new key
- Follow the instructions of gpg2
- Register gpg2 as the program for signing
git config --global gpg.program gpg2
- Copy your generated public keys signature
- Configure git to use the signature
git config --global user.signingKey [YOUR_SIGNATURE]
- Export the public key to the console
gpg --armor --export [EMAIL_ADDRESS_YOU_USED]
- Register the public key at your GitHub account
- [OPTION A] Enable automatic signing
git config --global commit.gpgsign true
- [OPTION B] Alternatively you may use -S when committing
git commit -S -m "some commit"
Congratulations! All your commits are now automatically signed!
I am a computer scientist and entrepreneur from Germany. I chose to work in computer science because I love building things and improve people’s lives.