Install
brew install gpg
Create new key
# generate key
gpg --full-generate-key
# get the public key using key ID
gpg --armor --export XXXXXX
# set the key ID in git
git config --global user.signingkey XXXXXXX
# always sign commits
git config commit.gpgsign true
Setup keychain
gpg collects password from cli. This causes issues if using vscode to create a commit. So input can be taken from a popup or keychain.
brew install pinentry-mac
The brew installation will print these caveats:
==> Caveats
You can now set this as your pinentry program like
~/.gnupg/gpg-agent.conf
pinentry-program /opt/homebrew/bin/pinentry-mac
So just create a ~/.gnupg/gpg-agent.conf file if it doesn't exist and put the line pinentry-program /opt/homebrew/bin/pinentry-mac in it.
Now, to check if it works.
1.gpg --list-keys to print the existing keys.
-
pkill -TERM gpg-agent. - Restart the terminal.
echo test | gpg -e -r <PUT THE KEY ID HERE> | gpg -d
This should open a pin entry popup and make sure "save in keychain" option is selected.
More links
Documentation on GitHub for setup: https://docs.github.com/en/authentication/managing-commit-signature-verification
Top comments (1)
Great post! Helped me with my GPG setup