Go to https://github.com/settings/emails
and look for an email address of this form: 6732523+myname@users.noreply.github.com
gpg --full-generate-key
Enter the following information:
For some future commands you will need your new GPG Key ID.
gpg --list-secret-keys --keyid-format LONG
This will list all your keys. Find your key by checking your username and email.
The output looks something like this:
sec rsa4096/451CBC739CED54D2 2021-09-04 [SC]
2FD8347BFE4F5E3F294482C03D2DBC434C3E2915
uid [ultimate] John Doe <6732523+myname@users.noreply.github.com>
Your GPG Key ID is in the line starting with sec, after rsa4096/, so in this case: 451CBC739CED54D2
gpg --armor --export YOUR_KEY_ID
This will simply print out your GPG public key.
Go to your GitHub settings and SSH and GPG keys: https://github.com/settings/keys
Add a new GPG Key (not SSH) and enter your public key from the previous step.
git config --global user.signingkey YOUR_KEY_ID
This will register your GPG key globally. If you have multiple GPG keys that you want to use for different repositories, omit the --global flag and set the GPG key in each specific repo instead.
If you have only or mostly GitHub repos you may want to automatically sign all commits by setting the property globally:
git config --global commit.gpgsign true
If you want to enable automatic signing only for single repos, run the following command in each repo where you want it:
git config commit.gpgsign true
You can always disable automatic signing for specific repos by setting the property back to false:
git config commit.gpgsign false
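The key ID lookup above can also be scripted, which avoids picking the wrong line by eye when several keys carry the same name. This is an added example, not part of the original guide: it reads gpg's machine-readable --with-colons listing and skips expired or revoked keys. The helper name key_id_for_email, the sample_listing function and the expired key 1111111111111111 are constructed for illustration.

```shell
#!/bin/sh
# Added example: select the signing key ID for an email address from
# `gpg --list-secret-keys --with-colons` output read on stdin.
# key_id_for_email is a hypothetical helper name, not a gpg or git command.
key_id_for_email() {
    # Colon format: field 1 = record type, field 2 = validity,
    # field 5 of a "sec" record = long key ID, field 10 of "uid" = user ID.
    # index() compares literally, so the "+" and "." in a noreply address
    # are not treated as pattern characters.
    awk -F: -v want="<$1>" '
        $1 == "sec" { keyid = $5; usable = ($2 != "e" && $2 != "r") }
        $1 == "uid" && usable && $2 != "r" && index($10, want) {
            print keyid; found = 1; exit
        }
        END { exit !found }   # non-zero status when no usable key matches
    '
}

# Constructed sample listing: an expired key (validity "e") followed by the
# key from the example output above, both with the same user ID.
sample_listing() {
    cat <<'EOF'
sec:e:4096:1:1111111111111111:1500000000:1600000000::u:::scESC:::+:::23::0:
uid:e::::1500000000::X::John Doe <6732523+myname@users.noreply.github.com>::::::::::0:
sec:u:4096:1:451CBC739CED54D2:1630713600:::u:::scESC:::+:::23::0:
fpr:::::::::2FD8347BFE4F5E3F294482C03D2DBC434C3E2915:
uid:u::::1630713600::X::John Doe <6732523+myname@users.noreply.github.com>::::::::::0:
EOF
}

# Demo on the constructed listing: the expired key is skipped.
sample_listing | key_id_for_email '6732523+myname@users.noreply.github.com'

# Real use (needs gpg and git installed, and user.email already set):
#   id=$(gpg --list-secret-keys --with-colons |
#        key_id_for_email "$(git config user.email)") &&
#     git config --global user.signingkey "$id"
```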