In April, GitHub announced support for GPG signatures on commits. When you sign your commits with GPG, you get a cool Verified label
on each commit on its GitHub page, proving that the commit has been GPG signed.
GPG is short for "GNU Privacy Guard". GPG (or GnuPG) is free hybrid-encryption software for encrypting transmitted data and creating cryptographic digital signatures. Install it with Homebrew:
brew install gnupg
Before signing, a public/private key pair is needed. Generate it using the following command in your terminal.
gpg --gen-key
You will be asked a series of questions. After that, you will have a new key pair.
N.B. Make sure the email address is the same as the email address in your git config. You can view it using git config user.email.
You can use the following command to list all your key pairs.
gpg --list-secret-keys --keyid-format LONG
The result will look like this:
/your/home/.gnupg/secring.gpg
----------------------------------
sec   <LENGTH>R/<SECRET_KEYID> <DATE>
uid   <NAME> <EMAIL>
ssb   <LENGTH>R/<SECRET_SUB_KEYID> <DATE>
You will need to export the public key of your key pair, using the <SECRET_KEYID> shown in the listing.
gpg --armor --export <SECRET_KEYID>
Then copy the block from -----BEGIN PGP PUBLIC KEY BLOCK----- to -----END PGP PUBLIC KEY BLOCK----- (including both lines) and add it as a GPG key in your GitHub settings.
You need to explicitly tell git to sign your commit.
git commit -S -m "your commit message"
To sign every commit by default, add the following config to your .gitconfig file.
[commit]
gpgsign = true
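The note above about matching the key's email address to git config user.email can be checked mechanically. The following is an added example, not part of the original post: it parses gpg's machine-readable --with-colons listing (a constructed sample is embedded) and prints the ID of a non-revoked, non-expired key whose user ID carries the given address. The function name signing_key_for_email is hypothetical; user.signingkey is git's setting for choosing the signing key.

```shell
#!/bin/sh
# Added example: find the secret key whose user ID carries the git commit email.

# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# Key IDs, names and addresses are made up for this example.
SAMPLE='sec:u:4096:1:1111AAAA2222BBBB:1461000000:::u:::scESC:::+:::23::0:
fpr:::::::::0000000000000000000000001111AAAA2222BBBB:
uid:u::::1461000000::AAAA::Alice Old <alice@old.example>::::::::::0:
ssb:u:4096:1:9999CCCC8888DDDD:1461000000::::::e:::+:::23:
sec:u:4096:1:3333CCCC4444DDDD:1462000000:::u:::scESC:::+:::23::0:
fpr:::::::::0000000000000000000000003333CCCC4444DDDD:
uid:u::::1462000000::BBBB::Alice Example <alice@example.com>::::::::::0:
uid:r::::1462000000::CCCC::Alice Example <alice@revoked.example>::::::::::0:
ssb:u:4096:1:7777EEEE6666FFFF:1462000000::::::e:::+:::23:'

# signing_key_for_email EMAIL
# Reads a colon listing on stdin and prints the long key ID of the first
# usable secret key with a non-revoked user ID for EMAIL (case-insensitive).
# Exits non-zero when no key matches.
signing_key_for_email() {
    awk -F: -v email="$1" '
        # Field 1 = record type, field 2 = validity (r = revoked, e = expired),
        # field 5 = long key ID.
        $1 == "sec" { keyid = $5; usable = ($2 != "r" && $2 != "e") }
        # Field 10 of a uid record holds "Name <email>".
        $1 == "uid" && usable && $2 != "r" &&
        index(tolower($10), "<" tolower(email) ">") {
            print keyid; found = 1; exit
        }
        END { exit !found }
    '
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE" | signing_key_for_email "alice@example.com"

# Live use (not run here): pin the matching key as the signing key.
#   key=$(gpg --list-secret-keys --with-colons \
#         | signing_key_for_email "$(git config user.email)") \
#     && git config --global user.signingkey "$key"
```

If the function finds no key for your commit email, commits signed with any other key will not get the Verified label for that address.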