Keybase.io, GPG, Github, Git signing on Windows
This is an easy tutorial on how to use your Keybase GPG to sign git commits. This is written for Windows users in mind.
Save public and private key from Keybase.io
Save your private key
Go to your keybase profile and click on edit. Select Export my private key from Keybase.
Copy and save your private key. When saving use No extension for Save as type.
Save your public key
Copy and save your public key. When saving use No extension for Save as type.
Alternatively you can save public key via Powershell. Change the url for your profile.
Invoke-WebRequest -OutFile public.key https://keybase.io/roneythomas/pgp_keys.asc
Github Account
Next add yout public GPG key on Github. Github DOC
Import public and private key
Import public key
gpg — import .\public.key
Import private key
gpg — allow-secret-key-import — import .\private.key
Tell Git to use GPG key
List GPG key
gpg --list-secret-keys --keyid-format LONG
Output should like something like this
/c/Users/Roney/.gnupg/secring.gpg
— — — — — — — — — — — — — — — — -
sec 4096R/3AA5C34371567BD2 2017–02–08
uid Roney Thomas <roney@gmail.com>
ssb 2048R/8869B95BA7BDF3E8 2017–02–08
ssb 2048R/8A70762395C13FED 2017–02–08
Now copy GPG key id which is 3AA5C34371567BD2.
git config --global user.signingkey 3AA5C34371567BD2
Sign Git commit
Finally sign your git commit.
git commit -S -m "Signed commit"
If everything is working you should see you verfied tag after you push.