Recently I’ve made the switch from being a long time Windows user to a newbie Mac user – and I’m powering through! Now I thought I had everything setup on the new Macbook, however upon making a few changes to some code I’ve been working on and pushing it up to GitHub I quickly realized that my commits were no longer “verified”. I’ve written in the past about signing commits within Windows – and the process for Mac is quite similar – but since there were a few key differences I thought I’d document here for anyone looking to follow along…
First up, we need to get gpg, gnupg, and pinentry-mac installed – Homebrew makes this pretty simple with the following command
|
1 |
brew install gpg2 gnupg pinentry-mac |
From here we need to create a .gnupg directory within our home folder
|
1 |
mkdir ~/.gnupg |
Within our newly created directory we now need to define a gpg-agent.conf file, containing the path to our newly install pinentry-mac package. We also need to create and populate our gpg.conf file in the same spot. This is easily achieved by running the following
|
1 2 |
echo "pinentry-program $(which pinentry-mac)" > ~/.gnupg/gpg-agent.conf echo "use-agent" > ~/.gnupg/gpg.conf |
In order for everything to work we need to populate our profile with the GPG_TTY environment variable. The following example uses zsh, but if you are using bash simply adjust for .bashrc or .bash_profile accordingly.
|
1 2 |
echo "export GPG_TTY=$(tty)" >> ~/.zshrc source ~/.zshrc |
Finally, set the proper permissions on your .gnupg directory
|
1 |
chmod 700 ~/.gnupg |
Alright, now we need to simply generate a new gpg key by running the following