TLDR
Check out the awesome guide How to Sign Git Commits if you have not configure git signature before.
- Generate a key from
$ gpg --full-generate-key
- Update [user] credentials in git config
- (Optional) Export the key to GitHub
Steps
1. Create a New Key
Follow GitHub's "Generating a GPG key" if the key is to be used on GitHub.
The output should look something like the following:
2. Update [user] credentials in git config
Don't forget to do a test commit when done updating credentials!
Refer to GitHub's "Telling Git about your GPG key" if you have multiple keys.
The template should be like the following:
# .gitconfig
# ...omitted
[user]
name = (user your desired name, i.e., Danny Cheng-Hsuan Han)
email = (use your email in key generation, i.e., chenghsuan.han@gmail.com)
signingKey = (use the public key from key generation, i.e., 4044FKEYKEYMOREKEYSKEYKEYKEYKEYMOREKEYS8)
# ...omitted
3. Export the key to GitHub
Refer to GitHub's "Adding a GPG key" for more details.
3-1
3-2
3-3
Quoting from GitHub, Copy your GPG key, beginning with -----BEGIN PGP PUBLIC KEY BLOCK----- and ending with -----END PGP PUBLIC KEY BLOCK-----
then paste it to your GitHub account. Done!