If you're using a GPG key that matches your committer identity and your verified email address associated with your GitHub Enterprise account, then you can begin signing commits and signing tags.
-
Open TerminalTerminalGit Bash.
-
Use the
gpg --list-secret-keys --keyid-format LONG
command to list GPG keys for which you have both a public and private key. A private key is required for signing commits or tags.$ gpg --list-secret-keys --keyid-format LONG
Note: Some GPG installations on Linux may require you to use
gpg2 --list-keys --keyid-format LONG
to view a list of your existing keys instead. In this case you will also need to configure Git to usegpg2
by runninggit config --global gpg.program gpg2
. -
From the list of GPG keys, copy the GPG key ID you'd like to use. In this example, the GPG key ID is
3AA5C34371567BD2
:$ gpg --list-secret-keys --keyid-format LONG /Users/hubot/.gnupg/secring.gpg ------------------------------------ sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10] uid Hubot
ssb 4096R/42B317FD4BA89E7A 2016-03-10 -
Enter
gpg --edit-key GPG key ID
, substituting in the GPG key ID you'd like to use. In the following example, the GPG key ID is3AA5C34371567BD2
:$ gpg --edit-key 3AA5C34371567BD2
-
Enter
gpg> adduid
to add the user ID details.$ gpg> adduid
-
Follow the prompts to supply your real name, email address, and any comments. You can modify your entries by choosing
N
,C
, orE
.Real Name: Octocat Email address: octocat@github.com Comment: GitHub key Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?
-
Enter
O
to save your selections. -
Enter your key's passphrase.
-
Enter
gpg --armor --export GPG key ID
, substituting in the GPG key ID you'd like to use. In the following example, the GPG key ID is3AA5C34371567BD2
:$ gpg --armor --export 3AA5C34371567BD2 # Prints the GPG key, in ASCII armor format
-
Upload the GPG key by adding it to your GitHub account.