Steps to enable GPG signing of git commits.
If anyone is interested in setting up their system to automatically (or manually) sign their git commits with their GPG key, here are the steps:
$ git config --global commit.gpgsign true
([OPTIONAL] every commit will now be signed)$ git config --global user.signingkey ABCDEF01
(where ABCDEF01
is the fingerprint of the key to use)$ git config --global alias.logs "log --show-signature"
(now available as $ git logs
)$ git config --global alias.cis "commit -S"
(optional if global signing is false)$ echo "Some content" >> example.txt
$ git add example.txt
$ git cis -m "This commit is signed by a GPG key."
(regular commit
will work if global signing is enabled)$ git logs
If you perform git commits through IntelliJ and want them to be signed, add the following line to your ~/.gnupg/gpg.conf
file:
# This option tells gpg not to expect a TTY interface and allows IntelliJ to sign commits
no-tty
If you perform git commits through SourceTree and want them to be signed, open Preferences > General
and ensure that the GPG Program
field has the value set to the directory containing the gpg2
executable, for example /usr/local/MacGPG2/bin
. Even if your gpg
executable is version 2, the gpg2
executable must be present.
Then click the Settings
icon at the top right of a repository window, click the Security
icon, and check "Enable GPG key signing for commits" and select the desired key. If you have a default-key
setting in ~/.gnupg/gpg.conf
, this should be correctly populated already.