Skip to main content

Basic Git setup

Basic Git setup

Anyone can use any name and email id when committing in git. Hence, it is always a good idea to sign the commits. This protects against identity impersonation.

Using GPG to create signing keys

For example, this is how a key is created that remains valid for 1 year.

# the format is typically "firstname lastname <email@domain.tld>"

gpg --quick-generate-key "name <email>" ed25519 sign 1y

Then check the key_id created.

gpg --list-public-keys --with-colons <email> | awk -F':' '/pub/ {print $5}'

Once the key_id is found, the key can be exported in a format accepted by your repository.(Gitlab, Github, etc.)

gpg --armor --export <key_id>

Adding everything to git config

git config user.name <name>
git config user.email <email_id>
git config user.signkey $(gpg --list-public-keys --with-colons <email_id> | awk -F':' '/pub/ {print $5}')
git config core.sshCommand 'ssh -i ~/.ssh/<key_name>'
git config commit.gpgsign true
git config tag.gpgsign true
Back to top