- Windows 10 (should work on older versions as well)
- Git For Windows installed, with Git Bash available. (Instructions here can also be done with Git Console with minor adjustment to syntax.)
- Read this first (don’t run anything, just read for understanding so that if something goes wrong in the steps below you’ll have a better chance at successful troubleshooting):
- Install Gnu Privacy Guard (GnuPG) for Windows. Although Git Bash provides GPG, the version it came with was too old, so install the latest:
- Open Git Bash.Check the gpg version (it is probably older than the one we just downloaded):
$ gpg --version gpg (GnuPG) 1.4.22
- Tell Git to use our newer install of GPG:
$ git config --global gpg.program "/C/Program Files (x86)/GnuPG/bin/gpg.exe"
- Insert GnuPG to the front of the PATH in .bash_profile:
$ cd ~ $ nano .bash_profile
Add this to the end of the file and save:
PATH="/C/Program Files (x86)/GnuPG/bin":$PATH
- Exit bash (close the window), start a new one up, and check the gpg version again:
$ gpg --version gpg (GnuPG) 2.2.4
- Generate a new GPG key (gpg –full-generate-key then gpg –armor –export <key>). See this for step-by-step details:
NOTE: I have found that on git-bash “gpg –full-generate-key” hangs indefinitely; hwoever, when I ran the gpg steps from git-cmd or generated the key from the Kleopatra user interface instead, everything worked fine.
- Tell GitHub about your key (gpg –armor –export then paste into GitHub): See https://help.github.com/articles/adding-a-new-gpg-key-to-your-github-account/
- Tell Git (local) about your key (git config –global user.signingkey): See https://help.github.com/articles/telling-git-about-your-gpg-key/
- Autosign commits using GPG:
git config --global commit.gpgsign true
(If you are using other repositories that don’t require pgp signing, then leave out –global, but do this in your local git workspace for your project. If you forget this you need to specify the -S option every time you do git commit). See https://help.github.com/articles/signing-commits-using-gpg/ for more detail.