# Git Commits ## TL;DR Run these commands if you [already have a GPG Key Pair](https://permitzip.gitbook.io/dev-bible/cryptographic-tools/gnu-privacy-guard-gpg#getting-started). {% tabs %} {% tab title="Export" %} ```bash # Find your key ID gpg --list-secret-keys --keyid-format=long ``` {% endtab %} {% tab title="Print" %} ```bash # print public key to terminal gpg --armor --export YourKeyId ``` {% endtab %} {% tab title="Update Profile" %} Run the following for your preferred shell: **Z Shell** ```bash [ -f ~/.zshrc ] && echo 'export GPG_TTY=$(tty)' >> $HOME/.zshrc echo "alias sign='git commit -s -m'" >> $HOME/.zshrc ``` **Bash** ```bash [ -f ~/.bashrc ] && echo 'export GPG_TTY=$(tty)' >> ~/.bashrc echo "alias sign='git commit -s -m'" >> $HOME/.bashrc ``` {% endtab %} {% tab title="Config Git" %} ```bash git config --global commit.gpgsign true git config --global user.signingkey YOUR-KEY-ID ``` {% endtab %} {% tab title="Sign" %} ```bash # sign the commit using the gpg git commit -s -m "your commit message" # or, optionally use the alias we added to the shell profile sign "your commit message" ``` {% endtab %} {% endtabs %} ## Installation Details ### Create Your GPG Key Pair If you have no GPG key, [you will need to create one](https://permitzip.gitbook.io/dev-bible/cryptographic-tools/gnu-privacy-guard-gpg#getting-started). ### Export the Public Key You'll need to tell GitHub about your credentials which means giving them your public key. To retrieve your key, execute: ```bash gpg --list-secret-keys --keyid-format=long ``` Now print the public key from the previous step to the terminal. ```bash gpg --armor --export ACADE3679FCE5492 ``` ![Finding the Key ID in Terminal](https://2352305786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrcAyGIlakmAAexNxXiMS%2Fuploads%2Fgit-blob-c96de5143bfc15aa72a29b2304bb3e896c1c00ef%2Fimage%20\(5\).png?alt=media) Your key will print to the terminal. Copy everything, including `-----BEGIN PGP PUBLIC KEY BLOCK-----` and `-----END PGP PUBLIC KEY BLOCK-----` ```bash -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (GNU/Linux) mQMuBGKgXt0RCACiF0C5N0FuKodOg+5c6wCcWPmJlvJCU3i4qlT9+nMuQ1aoZnP6 ajGXy6GCbVkWVcBicmoO/zmiIhJTkofqNjDm97A0xSldknAWBGBoxPMDEnzeAUUf NDbUgf59xhFdEqey+KesjkTAD3iHNmPIB8+Paz7Z+uZUL/Ej0Gn/r/aPNLaw2yYK p4FvjNEf78RuwyN16qP+sbwIRHmyga2ngikm2eXIGdJWVbYEqyZy3p0xcorHryAV htbw7qQzNFYhMf7IGfSfvw1olvbN89BI00LScpv6icBTLzGaN0Vx5MDSM+TBJagz jOMIAn+MXTAy2517YgR5UgWp1JnHpIuPoHWLAQDed2Ayrx9ZWgYAn8gwiRvnvQ4f PY4BUcKMtsVC1DTYOwf7BhADuCOJ6n2OOIGcJzDLplaytsBYxDryTnKRi5vBNFl/ AiV4gudNnt4YSut2EyEAxMPPp/cYf2zRfzhdJ9bspyKzphOgAUsumkK5qCzQA5Zp htsCCEn3DyEyOW1URtYplhqNloWD2J2bLzYBp+ObGfghylpDmXp3Dta6RpIaE0B8 2aQwjDsc3XmdvqXb5ws9IQoSuy/vMMjqlBKAvCGQjnidZ11jOAG+TZ7xGw3B28hX zeT6JgvpPpGknD+RtRYDeMj+Q9clt7hudKW7RMPeOuob7msRMef8e0nL3rz7VH6H rHtW0NIoYy26E0Eciep4lCh752Sss8Iiyico5oPypQf8CuPukAceDdj6IIg0Sa3y cLsfBrw7YrN7K1h26FVFP3vkYq1JSDl+Kg1pSv3DCLlkDZRxDwvAdbliAlbyF1cu FD6utxE2U9lGWZfp+RfYaofAdB/0lme3ZEWbwbmwtvjtsZYcarvrHG+iLamPNKi8 u5h7wgiwRMHyZhAH4lx0GQXQfEEJ2yUZ/jjBEXtC+PTlCa/qnpBxiI0427obx2jj vOCNzi1Si2mDnyPy7qr3D9ixdPCTBAGR4I2paMgWoQDMy1RONzTrTcHl5POV4rw9 FYkn57ld1OA+YCI6Mu9G+PNLY700cLii8wv0iMgcJxxQfooWEOvo8cd9Dvmy7fIM xbRES2VubmV0aCBTaHVsdHogKEdhZGdldCBFbmdpbmVlcmluZyBEaXJlY3Rvcikg PGtzaHVsdHpAcGVybWl0emlwLmNvbT6IewQTEQgAIwUCYqBe3QIbAwcLCQgHAwIB BhUIAgkKCwQWAgMBAh4BAheAAAoJEKyt42efzlSSQAcA/j2FNXb5APYa1tnpnG9P +AEKiTcKfPA5BvMalS3f7ZrTAP4iSfnBuUvO8PlKooHSi1lOYn5oaiZSUW+6ityo XI5+XbkCDQRioF7dEAgAiW5xVJG6nBoAc/ixWSQWWRcdJP/OpfnNXiGOjoAETnv0 xT5/6s5PN31AAm61lXUFAVxjLr3DFOAk6ASOVORX6JTAMS1OwFQzJuMg/61/md0Y xQ9oAHnzkDqZMj6A5vjhH3+nzayV/Sz8MRPFxa/F+Oa6ucYW2MjUWEMqcrXGCQKL mtekgNru+ypNlHFn214y6Ba1hIM5Cuz9rfrRsvlZii1hW1B+VkZeVWzoILc3emWc q0MrgL0MxIMu+O1ofECHZjOOFjylinhAeuOgvu5gXek+iPejrXkuiXj1PRJ8ywbG N8tJUh8+HL9UMlpkv/CrBUl2CSW2hyU0/55TOJ0dEwADBQf7B1Gt1sa9Jh2NUb+K nZbjkzPp+tDIw88Dh/A35xt5Tv1lRPzE89FnAYAoOGSd3hOe+4yYsJ7Lq8iyAHWI ynv210TJNWrq30/l5SPBiRLp9dlg4k1euuNA6XwklYXGJXMJtmn3Fu0SzaeAcKR0 Mq4sSAGVVu8C3Rwvn9tRfGl/Yo9X76aHHJXGa9BxW8pI0PswXHxMHzH5GDZR37eU 6G3IAB44oKU5BYZAjk7NCeDTqinXJXPfK2KO6ME8QKFCFCYWeJnaXF7JassMGhVP R7dk0ppgx8Inj90sBqWuobzaH6gi6L46aHR/MTASTcA5O6BNO8M5J6KXuMAKMYtE TcHd54hhBBgRCAAJBQJioF7dAhsMAAoJEKyt42efzlSSEFgBAImUOxNfJUZDhLn3 He+WZE3uBNg+FpnLcQDXJl0zz35mAQDDmstvtvy2aOwKjzbD/SC2qjaKiiDbs7W2 G27bPWIzSw== =z96n -----END PGP PUBLIC KEY BLOCK----- ``` ### Add GPG Key to GitHub GitHub needs to know your public credentials in order to verify each of your signed commits. Follow [the steps](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-new-gpg-key-to-your-github-account) shown here to add your key to GitHub. ### Configure Shell Profile Let's add two things to execute for each new shell session: * an alias that simplifies signing commits * add your GPG key to the shell environment {% tabs %} {% tab title="Z Shell" %} ```bash echo "alias sign='git commit -s -m'" >> $HOME/.zshrc [ -f ~/.zshrc ] && echo 'export GPG_TTY=$(tty)' >> ~/.zshrc ``` {% endtab %} {% tab title="Bash Shell" %} ```bash echo "alias sign='git commit -s -m'" >> $HOME/.bashrc [ -f ~/.bashrc ] && echo 'export GPG_TTY=$(tty)' >> ~/.bashrc ``` {% endtab %} {% endtabs %} {% hint style="warning" %} Make sure to start a new shell session after you add these! {% endhint %} ### Configure Git Profile Tell git you'll be signing commits. Navigate to an existing repository and execute: ```bash git config --global commit.gpgsign true git config --global user.signingkey YOUR-KEY-ID ``` ### Signing Commits You're ready to start signing your work! Here's what it looks like to sign a commit: ```bash git commit -S -m "your commit message" # Creates a signed commit # You will be prompted for your password ``` {% hint style="success" %} #### Signing Shortcut Command The alias we added to the shell profile offers a signing shortcut named `sign`. Example: `sign "your commit message"` {% endhint %}