Check out the awesome guide How to Sign Git Commits if you have not configure git signature before.

  1. Generate a key from $ gpg --full-generate-key
  2. Update [user] credentials in git config
  3. (Optional) Export the key to GitHub


1. Create a New Key

Follow GitHub’s “Generating a GPG key” if the key is to be used on GitHub.

$ gpg --full-generate-key

The output should look something like the following:

# Keep the key ID (where the BDKEY5KEY78KEY48 is) for step 3
gpg: key BDKEY5KEY78KEY48 marked as ultimately trusted
gpg: revocation certificate stored as ...
public and secret key created and signed.

# Keep the public key (where the 4044FKEYFKEY... is) for step 2
pub   rsa4096 2021-05-17 [SC]
uid                      Danny Cheng-Hsuan Han <>
sub   rsa4096 2021-05-17 [E]

2. Update [user] credentials in git config

Don’t forget to do a test commit when done updating credentials!

Refer to GitHub’s “Telling Git about your GPG key” if you have multiple keys.

# Add --global to set it globally
$ git config --edit

The template should be like the following:

# .gitconfig

# ...omitted

  name = (user your desired name, i.e., Danny Cheng-Hsuan Han)
  email = (use your email in key generation, i.e.,
  signingKey = (use the public key from key generation, i.e., 4044FKEYKEYMOREKEYSKEYKEYKEYKEYMOREKEYS8)

# ...omitted

3. Export the key to GitHub

Refer to GitHub’s “Adding a GPG key” for more details.


$ gpg --list-secret-keys --keyid-format LONG


# Use the key ID from step 1 here
# In case you lose the key ID, use pub key from `$ gpg --list-keys` is ok too
$ gpg --armor --export BDKEY5KEY78KEY48


Quoting from GitHub, Copy your GPG key, beginning with -----BEGIN PGP PUBLIC KEY BLOCK----- and ending with -----END PGP PUBLIC KEY BLOCK----- then paste it to your GitHub account. Done!