This post illustrates the basic steps to create your GitHub account and your first repo with GPG integrated, which enables you to sign your commits with your GPG key so that they can be verified.
Create Your GitHub Account
- set your username and password
- enable MFA by selecting your account security menu - optional but recommended
- with MFA enabled, I recommend using SSH to sync your local repos remotely on GitHub, as I had issues with HTTPS.
Get SSH Access
Generate your SSH key; if you already have SSH keys in the default folder, give the new key a different name or save it in a different location.
Add your SSH key to the ssh-agent
- enter
$ eval "$(ssh-agent -s)"
to start the ssh-agent in the background
- if the file ~/.ssh/config does not exist, create it empty by entering
$ touch ~/.ssh/config
- add the following to the file, or modify its contents according to your ssh folder location and key name:
Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa
- add your SSH private key to the ssh-agent and store your passphrase in the keychain, using the correct path and name:
$ ssh-add -K ~/.ssh/id_rsa
Add your SSH Key to your GitHub Account
- add the new SSH key to your GitHub Account
- on your Mac, open “Keychain Access” and check whether you already have entries for “github” (use search); if you do, delete them
- test your connection.
Add your PGP Key to your GitHub Account
Create your PGP Key
- install GPG with
$ brew install gnupg
or update it with
$ brew upgrade gnupg
- create your PGP Key. You need an RSA 4096 key. Add your username and email.
- after creation, launch the command
$ gpg --list-secret-keys --keyid-format LONG
to check your newly created key.
Import your GPG Key from Keybase
The above command can also be used in case you already generated your key.
In case you’ve uploaded your GPG key to Keybase, you can import your public key as text by launching the command
$ keybase pgp export | gpg --import
Export your PGP Public Key and Add it to GitHub
Next, export your public key by launching the command
$ gpg --armor --export youremail@email.com
replacing the email address with the one used to create the GPG key.
If you can’t remember what email address is attached to your public key, you can list all your GPG keys with
$ gpg --list-keys
See this well-explained article.
You can then copy the output and paste it into GitHub by selecting the “settings” option within your profile and adding the GPG Key.
Create Your Remote Repo on GitHub and Clone It Locally
- create a new repository on GitHub; you can decide whether to make it public (default) or private. I recommend starting private and then making it public once you’re confident
- enter
$ git clone <your repo ssh name>
- enter
$ cd <your repo name>
- enter
$ git config user.name "your username"
- enter
$ git config --global user.signingkey your_Key_ID
to add your signing key
- type
$ git config --global user.email "your email address"
; be sure to use your primary or added email address, which needs to match the email used to generate your GPG key
- add
$ git config --global commit.gpgsign true
to auto-sign each commit with your key.
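The settings above only yield verified commits if the key ID and email given to git belong to the same RSA 4096 key. The following check is an added example, not part of the original post: the function name, the sample listing and its key IDs are constructed, and it reads gpg's machine-readable `--with-colons` listing instead of the `--keyid-format LONG` output used earlier.

```shell
#!/bin/sh
# Added example: cross-check git's signing settings against a GPG key listing.
# stdin: output of `gpg --list-secret-keys --with-colons`
# $1: value of user.signingkey (long key ID or full fingerprint)
# $2: value of user.email
# Prints "ok" and returns 0, or explains the mismatch and returns 2, 3 or 4.
check_signing_key() {
    awk -F: -v want="$1" -v email="$2" '
        BEGIN { want = toupper(want); email = tolower(email) }
        $1 == "sec" {
            # field 3 = key length, field 4 = algorithm (1 = RSA), field 5 = long key ID;
            # a 40-character fingerprint ends in the long key ID, so compare the tail
            cur = (substr(want, length(want) - 15) == toupper($5))
            if (cur) { found = 1; bits = $3 + 0; algo = $4 + 0 }
        }
        $1 == "uid" && cur {
            # field 10 = user ID, e.g. "Name <mail@example.com>"
            if (index(tolower($10), "<" email ">") > 0) mail_ok = 1
        }
        END {
            if (!found)   { print "no secret key matches " want; exit 2 }
            if (!mail_ok) { print email " is not a user ID on " want; exit 3 }
            if (algo != 1 || bits < 4096) { print "key is not RSA 4096"; exit 4 }
            print "ok"
        }'
}

# Constructed sample listing (fake key IDs and addresses), trimmed to the fields used.
SAMPLE_LISTING='sec:u:4096:1:AAAA1111BBBB2222:1700000000:::u:::scESC:
fpr:::::::::0123456789ABCDEF01234567AAAA1111BBBB2222:
uid:u::::1700000000::::Jane Doe <jane@example.com>:
ssb:u:4096:1:EEEE5555FFFF6666:1700000000::::::e:
sec:u:2048:1:CCCC3333DDDD4444:1600000000:::u:::scESC:
uid:u::::1600000000::::Jane Doe <jane@old.example>:'

# Demo on the sample; on a real machine use instead:
#   gpg --list-secret-keys --with-colons |
#       check_signing_key "$(git config user.signingkey)" "$(git config user.email)"
printf '%s\n' "$SAMPLE_LISTING" | check_signing_key AAAA1111BBBB2222 jane@example.com
```

A non-zero return points at the step to redo: 2 means the configured key ID has no secret key in the keyring, 3 means the email is not on that key, 4 means the key is not RSA 4096.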
Start Coding!
“Learning to write programs stretches your mind, and helps you think better, creates a way of thinking about things that I think is helpful in all domains.”
Bill Gates
Start coding locally, commit locally often, and when you want to sync your remote repo enter
$ git push origin master
Check on your commits on GitHub: you should see “verified”.
You might get this message after a commit:
error: gpg failed to sign the data
fatal: failed to write commit object
If that happens, enter
$ echo 'no-tty' >> ~/.gnupg/gpg.conf
and then
$ export GPG_TTY=$(tty)
to apply the change to all users.
See this Stack Overflow thread for more information and cases.