Loading ...

How to sign Git commits in Visual Studio Code | CodeAsp.Net

How to sign Git commits in Visual Studio Code

How to sign Git commits in Visual Studio Code

4.82 
 /5
4.82 (1votes)

Make sure you have signed in for Github in VS code 

sudo apt-get install gnupg2

Will give output like this:

raghav@ubuntu:~$ sudo apt-get install gnupg2
[sudo] password for raghav:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libfprint-2-tod1 libllvm10
Use 'sudo apt autoremove' to remove them.
The following NEW packages will be installed:
...

Confirm the gpg version

gpg --version

Will give you output like this:

raghav@ubuntu:~$ gpg --version
gpg (GnuPG) 2.2.19
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.

 

Create a GPG key pair by running:

gpg --full-generate-key

It will ask some inputs further :

Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(14) Existing key from card

Type "1". It will ask for this next:

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072)

Type "4096". It will ask for this next:

Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years

Type "0" to make key never expire.

Next it will ask for "GnuPG needs to construct a user ID to identify your key" and will ask for your Real Name, Email address. Enter your real name and email address you have registered in your Github account. Leave the "comment" option as blank.

It will ask for Passphrase next. Enter the passphrase and save it somewhere.

You will be presented with the following output after key has been signed:

We will have to run the get all GPG keys command:

gpg --list-secret-keys --keyid-format LONG 

It will give you the output like this:

gpg --list-secret-keys --keyid-format LONG
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
/home/raghav/.gnupg/pubring.kbx
-------------------------------
sec rsa4096/156CA2060A80B96 2021-01-23 [SC]
D84251ABE5.......E43156CA2E060A80B96
uid [ultimate] Raghav Khunger <raghav......com>
ssb rsa4096/580BB......7B8A3 2021-01-23 [E]

The highlighted bold section is the GPG key which we will have to use further to get our GPG key. Command git to sign your further commits with that key

git config --global commit.gpgsign true

git config --global user.signingkey 156CA2E060A80B96

Run the gpg export command against our gpg key id we extracted from previous command.

gpg --armor --export 156CA2060A80B96

Will give you the public GPG key 

Paste that complete key start with "-- Begin PGP.." and ending with "..--END PGB.." block at here https://github.com/settings/gpg/new

Key will appear here: https://github.com/settings/keys

Go to VSCode settings

and set git.enableCommitSigning to true:

On making any commit now on this machine with the VSCode will have your commits signed and will be presented with "verified" tag on Github. 

Comments (no comments yet)

Top Posts