Skip to content

Instantly share code, notes, and snippets.

@thekcsam

thekcsam/signed-pgp-github.md

Forked from TheCureliestWalk/signed-gpg-github.md
Last active June 29, 2020 12:11
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save thekcsam/85ec49492fae0a5dd89e55df6bfb2b2e to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save thekcsam/85ec49492fae0a5dd89e55df6bfb2b2e to your computer and use it in GitHub Desktop.
Download ZIP
How to create GPG Signed key with Keybase on Github
Raw
signed-pgp-github.md

Sign PGP Key on Github with Keybase

mrkdwn-pass

Set everything up

  • Linux Computer (Windows or MacOS is compatible but you need to install GIT manually)
  • You need to install Keybase, login or sign up one if you don't have.
  • Your basic skill with Git and Github:

You need to know that Linux are have a default software: gpg for sign the GPG key. but we are going to use Keybase instead.

This information if it contains** SOME_THING_IN_THIS_SENTENCE **in code block that means you can add everything you like. Some of words are not code, so please read carefully.

Check up Step

  • SSH keys have already setup.
  • Have some repositories cloned on your computer.

After installed Keybase -- Very first, you need to make sure everything is good by doing these commands: run_keybase For running Keybase, if you type keybase --version, and it output keybase version 1.0.39-20180119172947+d29f565ed then, type git --version if it's show up like this git version 2.14.1 so everything is fine.

Getting Started

Now, let's create the GPG key: type keybase pgp gen fill up all the information related with or without your Github account. Type keybase pgp export > gpg.key. Now your public key will be exported in gpg.key file. Please remember your e-mail

Login to your Github account in your browser: Go to Settings --> SSH and GPG keys --> New GPG key

Open gpg.key in text editor, copy all code (use ctrl+a for select all text) paste the code, click New GPG key

1

In this GPG keys, you will see Key ID. Copy this key.

Now open your Terminal. type and fill your copied key: git config --global user.signingkey __ADD_YOUR_KEY_HERE__ and type this command: git config --global user.email __YOU_REMEMBERED_E-EMAIL_THAT_YOU_HAD_GENERATED_

DONE. Let's go the final step.

Final Step

Let's test, and see how it's worked.

Create some file, type git add . and git commit -S -m "LETTER_THAT_YOU_WANT" looks like this.

2

Then, git push

Go to your repository on Github in browser, click on releases (see the picture below.) 3

click Draft a new release, in tag version add some version e.g. 1.0.0.0 Click Publish Release. You'll found a green Verified badge (see the picture below.), This means you are FINAL DONE! 4

For video version of Final Step

Click Here

All made by Iho Somnam

In a new Machine

  1. Import public keys from keybase keybase pgp export | gpg --import
  2. Import private keys from keybase keybase pgp export -s | gpg --allow-secret-key-import --import
  3. Check your secret keys gpg --list-secret-keys
  4. Output the gpg keys gpg --armor --export YOUR_GPG_ID

Troubleshooting

  • Check error message echo "test" | gpg --clearsign

  • Start gpg-agent

killall gpg-agent && gpg-agent --daemon --pinentry-program /usr/local/bin/pinentry
  • Install package that automatically start gpg-agent
brew install pinentry-mac
# pinentry-mac will start the gpg-agent for you
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
killall gpg-agent
  • To prevent gpg keep prompting out to ask you to fill in your passphrase
$ vim ~/.gnupg/gpg-agent.conf 
pinentry-timeout 864000
pinentry-program /usr/bin/pinentry-curses

gpgconf --reload gpg-agent

Thanks for reading. :)

Other Resources

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment