If you don't have a GPG key, run the following commands to generate one and use it for signing commits and tags.
sudo apt-get update && sudo apt-get install -y gpg
gpg --full-generate-key
RSA and RSA
4096
0
as default value to not expire.Y
and Enter to confirm no expirationO
(capital o) and EnterThe output will be like this:
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key FD9D311F84732894 marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/719559FDB16002AF97000BC6FD9D311F84732894.rev'
public and secret key created and signed.
pub rsa4096 2021-08-19 [SC]
719559FDB16002AF97000BC6FD9D311F84732894
uid username <alfa@example.com>
sub rsa4096 2021-08-19 [E]
In the example it shows to be created under root user because the commands for this example are executed in a docker container. On your machine, it will be under your own user.
Use the following command to list the long form of the GPG key for which you have both a public and a private key
gpg --list-secret-keys --keyid-format=long
The output will be like:
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
/root/.gnupg/pubring.kbx
------------------------
sec rsa4096/FD9D311F84732894 2021-08-19 [SC]
719559FDB16002AF97000BC6FD9D311F84732894
uid [ultimate] MyName <my.email@example.com>
ssb rsa4096/0B89B1E421856836 2021-08-19 [E]
Copy the gpg key id that you find it on the sec line which is FD9D311F84732894
. In your case will be a different one.
Run the following command with the key id selected
gpg --armor --export FD9D311F84732894
Copy your GPG key, beginning with -----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with -----END PGP PUBLIC KEY BLOCK-----
.
Now, you can add your GPG key to your github account
gpg --import public-gpg-key.gpg
gpg --encrypt my-file.gpg
gpg --decrypt my-file.txt
gpg --list-keys
# binary file
gpg --output myname.gpg --export my.email@address.com
# ASCII file
gpg --armor --export my.email@address.com