gpg --full-generate-keyAnd follow the instructions. For e-mail address us the yourusername@users.noreply.github.com from your github profile
gpg --list-secret-keys --keyid-format LONGthis coughs up something like
/Users/yourusername/.gnupg/pubring.kbx
--------------------------------
sec rsa4096/ABCDEFGH12345678 2020-12-18 [SC]
SOMETHINGLONGTHATDOESNOTMATTERFORTHISHOW
uid [ultimate] This Isyou <yourusername@users.noreply.github.com>
ssb rsa4096/WHATEVERDOESNTMA 2020-12-18 [E]
Take the thing behind rsa496 (that's your public key) and run the armor generator over it
gpg --armor --export ABCDEFGH12345678This generates a little wall of text that starts with -----BEGIN PGP PUBLIC KEY BLOCK----- and ends with -----END PGP PUBLIC KEY BLOCK-----. Copy the whole thing and paste it in to your github profile settings (there's a GPG block thing for it).
## only when you didn't set them yet
git config --global user.name=yourusername
git config --global user.email=yourusername@users.noreply.github.com
git config --global user.signingkey=ABCDEFGH12345678
# this tells git to _always_ sign commits, so you don't have to pass -S on every occasion
git config --global commit.gpgsign true
# this was hip and happening during the gpg => gpg2 transition
# likely not necessary anymore as gpg will be picked up anyway
git config --global gpg.program gpgIn your .profile, .zshrc or .bashrc (depending on what shell you use) tell GPG what terminal it should use to ask for your your gpg password:
export GPG_TTY=$(tty)- GitHub's guide on managing commit signature verification