Keybase.io, GPG, Github, Git signing on Windows

Roney Thomas
2 min readFeb 9, 2017

--

This is an easy tutorial on how to use your Keybase GPG to sign git commits. This is written for Windows users in mind.

Save public and private key from Keybase.io

Save your private key

Go to your keybase profile and click on edit. Select Export my private key from Keybase.

Copy and save your private key. When saving use No extension for Save as type.

Save your public key

Copy and save your public key. When saving use No extension for Save as type.

Alternatively you can save public key via Powershell. Change the url for your profile.

Invoke-WebRequest -OutFile public.key https://keybase.io/roneythomas/pgp_keys.asc

Github Account

Next add yout public GPG key on Github. Github DOC

Import public and private key

Import public key

gpg — import .\public.key

Import private key

gpg — allow-secret-key-import — import .\private.key

Tell Git to use GPG key

List GPG key

gpg --list-secret-keys --keyid-format LONG

Output should like something like this

/c/Users/Roney/.gnupg/secring.gpg
— — — — — — — — — — — — — — — — -
sec 4096R/3AA5C34371567BD2 2017–02–08
uid Roney Thomas <roney@gmail.com>
ssb 2048R/8869B95BA7BDF3E8 2017–02–08
ssb 2048R/8A70762395C13FED 2017–02–08

Now copy GPG key id which is 3AA5C34371567BD2.

git config --global user.signingkey 3AA5C34371567BD2

Sign Git commit

Finally sign your git commit.

git commit -S -m "Signed commit"

If everything is working you should see you verfied tag after you push.

--

--

No responses yet