Oscarz90 · November 6, 2023 22:12 · Oct 24, 2023 · Oct 3, 2023 · Sep 22, 2022 · Jun 23, 2022
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -121,8 +121,9 @@ This tells Git to sign all commits using the key you specified in step 13.
     git config --global commit.gpgsign true
 
 ## Step 16: Perform a Commit
+This performs an empty commit-but lets us test signing it with GPG-thanks @rickschubert for the suggestion!
 
-    git commit -S -s -m "My Signed Commit"
+    git commit -S -s -m "My Signed Commit" --allow-empty
 
 ## Step 17: Pinentry Prompt
 You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -46,7 +46,7 @@ To ensure that you don't run into issues, run the below command to ensure a fres
     killall gpg-agent
 
 ## Step 8: Create your GPG Key
-Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
+Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.  If you receive a timeout at this step-please go back and verify that you did run the command in Step 7.  Otherwise, go back and double check that you followed the preceding steps.
 
     gpg --full-gen-key
 
@@ -136,6 +136,24 @@ Before you jump on submitting your key to a service such as the [MIT PGP Key Ser
 - Spammers have been known to harvest email addresses from these servers
 - If you're only signing your Git commits to Github this isn't necessary
 
+# Import existing keys from another system (Optional)
+
+If you already have set up GPG keys on a previous Mac, or elsewhere, you can re-use them by exporting them from that host by following the steps below (Special thanks to [@megahirt](https://gist.github.com/megahirt) for the suggestion).  Please note: keep in mind the method that you use to transfer your GPG keys!  Because of the sensitive nature of GPG keys, you will want to ensure that you use a highly secured means of transferring them.  I won't suggest a specific method as it is outside of the scope of this Gist-but be paranoid is what I can say.
+
+## Step 8a: Export the GPG Key Materials
+
+On the host you want to move/duplicate the keys from, run the following and then copy the resulting files to your "new" host.  Substitute your key's keyid for the ${ID} in the example.  You will be prompted to enter the passphrase you set during the generation of the key to export the private key.
+
+    gpg --export ${ID} > my_key_public.key
+    gpg --export-secret-key ${ID} > my_key_private.key
+
+## Step 9a: Import the GPG Key Materials
+
+On the host you want to import the keys, move them to an accessible location and then run the following commands from that folder.  When you go to import the private key, you will be prompted for the password you specified when you generated/exported it.
+
+    gpg --import my_key_public.key
+    gpg --import my_key_private.key
+
 # Troubleshooting
 
 ## Error No pinentry

diff --git a/1-setup.md b/1-setup.md
@@ -1,13 +1,9 @@
-# Methods of Signing with GPG on MacOS
+# Methods of Signing with a GPG Key on MacOS
 
-*Last updated June 23, 2022*
+*Last updated September 21, 2022*
 
-There are now two ways to approach this:
-1. Using gpg and generating keys
-2. Using Kryptonite by krypt.co
+This Gist explains how to do this using gpg in a step-by-step fashion.  Previously, krypt.co was heavily mentioned, but I've only recently learned they were acquired by Akamai and no longer update their previous free products.  Those mentions have been removed.
 
-This Gist explains how to do this using gpg in a step-by-step fashion.  Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions 
-
-For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing with either GPG or Krypt.co.
+For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing your commits with GPG.
 
 There has been a number of comments on this gist regarding some issues around the pinentry-program and M1 Macs.  I've finally gotten a chance to try things out on an M1 and I've updated the documentation in `2-using-gpg.md` to reflect my findings.
diff --git a/3-GUI-git-signing.md b/3-GUI-git-signing.md
@@ -22,12 +22,4 @@
 Copy the .sh file in this gist to `~/bin/`.
 
 ## Step 5: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
-Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
-
-## Using Krypt.co
-
-## Step 1: Copy startup-gpg-agent.sh to ~/bin/
-Copy the .sh file in this gist to `~/bin/`.
-
-## Step 2: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
 Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
diff --git a/1-setup.md b/1-setup.md
@@ -1,4 +1,4 @@
-# Methods of Signing with GPG
+# Methods of Signing with GPG on MacOS
 
 *Last updated June 23, 2022*
 
@@ -10,4 +10,4 @@ This Gist explains how to do this using gpg in a step-by-step fashion.  Kryptoni
 
 For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing with either GPG or Krypt.co.
 
-There has been a number of comments on this gist regarding some issues around the pinentry-program and M1 Macs.  I've finally gotten a chance to try things out on an M1 and I've updated the documentation in `2-using-gpg.md` to reflect my findings 
+There has been a number of comments on this gist regarding some issues around the pinentry-program and M1 Macs.  I've finally gotten a chance to try things out on an M1 and I've updated the documentation in `2-using-gpg.md` to reflect my findings.
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -51,7 +51,7 @@ Run the following command to generate your key, note we have to use the `--exper
     gpg --full-gen-key
 
 ## Step 9: Answer the Questions
-Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
+Once you have entered your options, pinentry will prompt you for a password for the new PGP key.  There are a number of arguments on the topic of expiration dates with GPG Keys, for brevity and the sake of keeping this explanation simple we're not using Subkeys in this example and showing a non-expiring example.  If you want to follow best practices, you will want to look into generating a Primary key and then Subkeys and the secure handling involved with that.
 
     Please select what kind of key you want:
        (1) RSA and RSA (default)

diff --git a/1-setup.md b/1-setup.md
@@ -1,6 +1,6 @@
 # Methods of Signing with GPG
 
-*Last updated June 21, 2022*
+*Last updated June 23, 2022*
 
 There are now two ways to approach this:
 1. Using gpg and generating keys

diff --git a/5-automatically-sign-commits.md b/5-automatically-sign-commits.md
@@ -0,0 +1,9 @@
+# Automatically Sign Your Commits
+
+To automatically sign all of your commits (which may be overkill), you can simply update your ~/.gitconfig file by running the below command:
+
+    git config --global commit.gpgsign true
+
+Otherwise, run the below command per repository by navigating to the directory of the repo:
+
+    git config commit.gpgsign true
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -101,7 +101,7 @@ Copy the text after the `rsa4096/` and before the date generated and use the cop
 *You need to copy the output from your terminal similar to the example above where the ######## is following the slash. *
 
 ## Step 12: Export the fingerprint
-In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  
+In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github.  Documentation on how to do that is [here](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-new-gpg-key-to-your-github-account)
 
     # The export command below gives you the key you add to GitHub
     gpg --armor --export <your key id>

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -5,7 +5,7 @@ We use the Homebrew package manager for this step.
 
     brew install gpg2 gnupg pinentry-mac       
 
-## Step 2: Create the `.gnupg` Directory
+## Step 2: Create the .gnupg Directory
 If this directory does not exist, create it.  EDIT: June 2022 - Fixes single quotes to allow expansion of the subshell
 
     # Make the directory
@@ -137,13 +137,16 @@ Before you jump on submitting your key to a service such as the [MIT PGP Key Ser
 - If you're only signing your Git commits to Github this isn't necessary
 
 # Troubleshooting
-If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates: 
 
-    gpg-agent --daemon
+## Error No pinentry
+
+This is caused by an incorrectly configured pinentry program.  Review Step 2 and complete the second part again.
 
 ## Error No such file or directory
-This is caused by a mis-configured pinentry program.  If you were following an earlier version of this gist, you will need to re-do the second part of [Step 2](#Step_2_Create_the___gnupg__Directory)
+
+This is caused by a missing configuration to specify the pinentry program.  If you were following an earlier version of this gist that said you did not need to specify a pinentry program, you will need to re-do the second part of Step 2.
 
-    killall gpg-agent
+## Other Errors
+If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates:
 
-Then try to generate the key again.
+    gpg-agent --daemon
diff --git a/1-setup.md b/1-setup.md
@@ -8,4 +8,6 @@ There are now two ways to approach this:
 
 This Gist explains how to do this using gpg in a step-by-step fashion.  Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions 
 
-For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing with either GPG or Krypt.co.
+For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing with either GPG or Krypt.co.
+
+There has been a number of comments on this gist regarding some issues around the pinentry-program and M1 Macs.  I've finally gotten a chance to try things out on an M1 and I've updated the documentation in `2-using-gpg.md` to reflect my findings 
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -40,12 +40,17 @@ You will need to modify the permissions to 700 to secure this directory.
 
     chmod 700 ~/.gnupg
 
-## Step 7: Create your GPG Key
+## Step 7: Kill the GPG Agent
+To ensure that you don't run into issues, run the below command to ensure a freshly configured gpg-agent is launched.
+
+    killall gpg-agent
+
+## Step 8: Create your GPG Key
 Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
 
     gpg --full-gen-key
 
-## Step 8: Answer the Questions
+## Step 9: Answer the Questions
 Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
 
     Please select what kind of key you want:
@@ -80,12 +85,12 @@ Once you have entered your options, pinentry will prompt you for a password for
     Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
     You need a Passphrase to protect your secret key.
 
-## Step 9: Get your key info for Git, etc.
+## Step 10: Get your key info for Git, etc.
 
     # List your keys
     gpg -k
 
-## Step 10: Get your key id
+## Step 11: Get your key id
 Use the next command to generate a short form of the key fingerprint.
 
 Copy the text after the `rsa4096/` and before the date generated and use the copied id in step 13:  
@@ -95,43 +100,50 @@ Copy the text after the `rsa4096/` and before the date generated and use the cop
 
 *You need to copy the output from your terminal similar to the example above where the ######## is following the slash. *
 
-## Step 11: Export the fingerprint
+## Step 12: Export the fingerprint
 In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  
 
     # The export command below gives you the key you add to GitHub
     gpg --armor --export <your key id>
 
-## Step 12: Configure Git to use gpg
+## Step 13: Configure Git to use gpg
 
     git config --global gpg.program $(which gpg)
 
-## Step 13: Configure Git to use your signing key
+## Step 14: Configure Git to use your signing key
 The below command needs the fingerprint from step 10 above:  
 
     git config --global user.signingkey 1111111
 
-## Step 14: Configure Git to sign all commits (Optional-you can configure this per repository too)
+## Step 15: Configure Git to sign all commits (Optional-you can configure this per repository too)
 This tells Git to sign all commits using the key you specified in step 13.  
 
     git config --global commit.gpgsign true
 
-## Step 15: Perform a Commit
+## Step 16: Perform a Commit
 
     git commit -S -s -m "My Signed Commit"
 
-## Step 16: Pinentry Prompt
+## Step 17: Pinentry Prompt
 You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.
 
-## Step 17: Submit your PGP key to Github to verify your Commits
+## Step 18: Submit your PGP key to Github to verify your Commits
 Login into Github.com and go to your settings, SSH and GPG Keys, and add your GPG key from the page.
 
-## Step 18: Submitting Your Key to a Public Keyserver (very optional)
+## Step 19: Submitting Your Key to a Public Keyserver (very optional)
 Before you jump on submitting your key to a service such as the [MIT PGP Key Server](https://pgp.mit.edu), you should consider the following:
 - You cannot delete your key once submitted
 - Spammers have been known to harvest email addresses from these servers
 - If you're only signing your Git commits to Github this isn't necessary
 
 # Troubleshooting
-If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates:  
+If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates: 
 
     gpg-agent --daemon
+
+## Error No such file or directory
+This is caused by a mis-configured pinentry program.  If you were following an earlier version of this gist, you will need to re-do the second part of [Step 2](#Step_2_Create_the___gnupg__Directory)
+
+    killall gpg-agent
+
+Then try to generate the key again.
diff --git a/1-setup.md b/1-setup.md
@@ -1,6 +1,6 @@
 # Methods of Signing with GPG
 
-*Last updated March 28, 2021*
+*Last updated June 21, 2022*
 
 There are now two ways to approach this:
 1. Using gpg and generating keys

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -6,14 +6,14 @@ We use the Homebrew package manager for this step.
     brew install gpg2 gnupg pinentry-mac       
 
 ## Step 2: Create the `.gnupg` Directory
-If this directory does not exist, create it.
+If this directory does not exist, create it.  EDIT: June 2022 - Fixes single quotes to allow expansion of the subshell
 
     # Make the directory
     mkdir ~/.gnupg
-    
-    # The below configuration used to be added within that directory but is no longer required and breaks on M1-based Macs
-    # echo 'pinentry-program $(brew --prefix)/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
-    
+
+    # Tells GPG which pinentry program to use
+    echo "pinentry-program $(brew --prefix)/bin/pinentry-mac" > ~/.gnupg/gpg-agent.conf
+
 ## Step 3: Update or Create ~/.gnupg/gpg.conf
 If this file does not exist, create it.
 
@@ -63,19 +63,19 @@ Once you have entered your options, pinentry will prompt you for a password for
           <n>w = key expires in n weeks
           <n>m = key expires in n months
           <n>y = key expires in n years
-    Key is valid for? (0) 3y
+    Key is valid for? (0) 0
     Key does not expire at all
     Is this correct? (y/N) y
 
     You need a user ID to identify your key; the software constructs the user ID
     from the Real Name, Comment and Email Address in this form:
         "Heinrich Heine (Der Dichter) <[email protected]>"
 
-    Real name: Dr Duh
-    Email address: [email protected]
+    Real name: John Smith
+    Email address: [email protected]
     Comment:
     You selected this USER-ID:
-        "Dr Duh <[email protected]>"
+        "John Smith <[email protected]>"
 
     Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
     You need a Passphrase to protect your secret key.

diff --git a/3-GUI-git-signing.md b/3-GUI-git-signing.md
@@ -6,7 +6,7 @@
 
     use-standard-socket
     # Below option is deprecated
-    # pinentry-program $(brew --prefix)/bin/pinentry-mac
+    pinentry-program $(brew --prefix)/bin/pinentry-mac
     enable-ssh-support
 
 ### Step 2: Modify ~/.gnupg/gpg.conf

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -24,7 +24,7 @@ If this file does not exist, create it.
 Append the following to your ~/.bash_profile or ~/.bashrc or ~/.zshrc
 
     ...
-    export GPG_TTY=`tty`
+    export GPG_TTY=$(tty)
 
 ## Step 5: Restart your Terminal or source your ~/.*rc file
 

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -6,7 +6,7 @@ We use the Homebrew package manager for this step.
     brew install gpg2 gnupg pinentry-mac       
 
 ## Step 2: Create the `.gnupg` Directory
-If this file does not exist, create it.
+If this directory does not exist, create it.
 
     # Make the directory
     mkdir ~/.gnupg
@@ -93,7 +93,7 @@ Copy the text after the `rsa4096/` and before the date generated and use the cop
     gpg -K --keyid-format SHORT
     sec rsa4096/######## YYYY-MM-DD [SC] [expires: YYYY-MM-DD]
 
-*You need to copy the output similar to the example above where the ######## is.*
+*You need to copy the output from your terminal similar to the example above where the ######## is following the slash. *
 
 ## Step 11: Export the fingerprint
 In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  

diff --git a/1-setup.md b/1-setup.md
@@ -1,6 +1,6 @@
 # Methods of Signing with GPG
 
-**Last updated March 28, 2021**
+*Last updated March 28, 2021*
 
 There are now two ways to approach this:
 1. Using gpg and generating keys

diff --git a/1-setup.md b/1-setup.md
@@ -1,5 +1,7 @@
 # Methods of Signing with GPG
 
+**Last updated March 28, 2021**
+
 There are now two ways to approach this:
 1. Using gpg and generating keys
 2. Using Kryptonite by krypt.co

diff --git a/3-GUI-git-signing.md b/3-GUI-git-signing.md
@@ -1,4 +1,4 @@
-# Git Signing with a GUI Application (e.g. Tower or Github)
+# Git Signing with a GUI Application (e.g. Git Tower or GitHub Desktop)
 
 ## Manually Installed GPG
 
@@ -14,10 +14,14 @@
     use-agent
     no-tty
 
-## Step 3: Copy startup-gpg-agent.sh to ~/bin/
+## Step 3: Restart GPG Agent
+
+    gpgconf --reload gpg-agent
+
+## Step 4: Copy startup-gpg-agent.sh to ~/bin/
 Copy the .sh file in this gist to `~/bin/`.
 
-## Step 4: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
+## Step 5: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
 Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
 
 ## Using Krypt.co

diff --git a/3-GUI-git-signing.md b/3-GUI-git-signing.md
@@ -5,7 +5,8 @@
 ### Step 1: Modify ~/.gnupg/gpg-agent.conf
 
     use-standard-socket
-    pinentry-program /usr/local/bin/pinentry-mac
+    # Below option is deprecated
+    # pinentry-program $(brew --prefix)/bin/pinentry-mac
     enable-ssh-support
 
 ### Step 2: Modify ~/.gnupg/gpg.conf

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -5,13 +5,14 @@ We use the Homebrew package manager for this step.
 
     brew install gpg2 gnupg pinentry-mac       
 
-## Step 2: Update ~/.gnupg/gpg-agent.conf
+## Step 2: Create the `.gnupg` Directory
 If this file does not exist, create it.
 
     # Make the directory
     mkdir ~/.gnupg
-    # Write our configuration to it
-    echo 'pinentry-program $(brew --prefix)/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
+
+    # The below configuration used to be added within that directory but is no longer required and breaks on M1-based Macs
+    # echo 'pinentry-program $(brew --prefix)/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
 
 ## Step 3: Update or Create ~/.gnupg/gpg.conf
 If this file does not exist, create it.

diff --git a/4-GUI-git-signing.md → 3-GUI-git-signing.md b/4-GUI-git-signing.md → 3-GUI-git-signing.md
diff --git a/3-using-krypt.md b/3-using-krypt.md
@@ -1 +0,0 @@
-# Krypt.co

diff --git a/5-helpful-urls.md → 4-helpful-urls.md b/5-helpful-urls.md → 4-helpful-urls.md
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -11,7 +11,7 @@ If this file does not exist, create it.
     # Make the directory
     mkdir ~/.gnupg
     # Write our configuration to it
-    echo 'pinentry-program /usr/local/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
+    echo 'pinentry-program $(brew --prefix)/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
 
 ## Step 3: Update or Create ~/.gnupg/gpg.conf
 If this file does not exist, create it.

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -8,15 +8,16 @@ We use the Homebrew package manager for this step.
 ## Step 2: Update ~/.gnupg/gpg-agent.conf
 If this file does not exist, create it.
 
-    # Insert the following text
-    pinentry-program /usr/local/bin/pinentry-mac
+    # Make the directory
+    mkdir ~/.gnupg
+    # Write our configuration to it
+    echo 'pinentry-program /usr/local/bin/pinentry-mac' > ~/.gnupg/gpg-agent.conf
 
 ## Step 3: Update or Create ~/.gnupg/gpg.conf
 If this file does not exist, create it.
 
-    # Uncomment within config (or add this line)
     # This tells gpg to use the gpg-agent
-    use-agent
+    echo 'use-agent' > ~/.gnupg/gpg.conf
 
 ## Step 4: Modify your Shell
 Append the following to your ~/.bash_profile or ~/.bashrc or ~/.zshrc

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -33,16 +33,16 @@ Append the following to your ~/.bash_profile or ~/.bashrc or ~/.zshrc
     # and if using zsh
     source ~/.zshrc
 
-## Step 6: Create your GPG Key
-Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
-
-    gpg --full-gen-key
-
-## Step 7: Update the Permissions on your ~/.gnupg Directory
+## Step 6: Update the Permissions on your ~/.gnupg Directory
 You will need to modify the permissions to 700 to secure this directory.  
 
     chmod 700 ~/.gnupg
 
+## Step 7: Create your GPG Key
+Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
+
+    gpg --full-gen-key
+
 ## Step 8: Answer the Questions
 Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
 

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -19,14 +19,19 @@ If this file does not exist, create it.
     use-agent
 
 ## Step 4: Modify your Shell
-Append the following to your ~/.bashrc or ~/.zshrc
+Append the following to your ~/.bash_profile or ~/.bashrc or ~/.zshrc
 
     ...
     export GPG_TTY=`tty`
 
 ## Step 5: Restart your Terminal or source your ~/.*rc file
 
+    # on the built-in bash on macos use
+    source ~/.bash_profile
+    # if using bash through homebrew over ssh use
     source ~/.bashrc
+    # and if using zsh
+    source ~/.zshrc
 
 ## Step 6: Create your GPG Key
 Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -22,7 +22,7 @@ If this file does not exist, create it.
 Append the following to your ~/.bashrc or ~/.zshrc
 
     ...
-    export GPG_TTY="tty"
+    export GPG_TTY=`tty`
 
 ## Step 5: Restart your Terminal or source your ~/.*rc file
 

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -3,7 +3,7 @@
 ## Step 1: Install software
 We use the Homebrew package manager for this step.
 
-    brew install gpg2 gpg-agent pinentry-mac       
+    brew install gpg2 gnupg pinentry-mac       
 
 ## Step 2: Update ~/.gnupg/gpg-agent.conf
 If this file does not exist, create it.

diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -116,8 +116,9 @@ This tells Git to sign all commits using the key you specified in step 13.
 You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.
 
 ## Step 17: Submit your PGP key to Github to verify your Commits
+Login into Github.com and go to your settings, SSH and GPG Keys, and add your GPG key from the page.
 
-## Step 17: Submitting Your Key to a Public Keyserver (very optional)
+## Step 18: Submitting Your Key to a Public Keyserver (very optional)
 Before you jump on submitting your key to a service such as the [MIT PGP Key Server](https://pgp.mit.edu), you should consider the following:
 - You cannot delete your key once submitted
 - Spammers have been known to harvest email addresses from these servers

diff --git a/1-setup.md b/1-setup.md
@@ -4,4 +4,6 @@ There are now two ways to approach this:
 1. Using gpg and generating keys
 2. Using Kryptonite by krypt.co
 
-This Gist explains how to do this using gpg.  Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions [here](4-GUI-git-signing.md) for using Kryptonite with GUI-based Git applications.
+This Gist explains how to do this using gpg in a step-by-step fashion.  Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions 
+
+For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps [here](4-GUI-git-signing.md) for signing with either GPG or Krypt.co.
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -123,19 +123,6 @@ Before you jump on submitting your key to a service such as the [MIT PGP Key Ser
 - Spammers have been known to harvest email addresses from these servers
 - If you're only signing your Git commits to Github this isn't necessary
 
-## Step 18: Enabling signing with a Git GUI tool (Only do this if you use Git Tower or Github Desktop)
-
-### Step 18a: Modify ~/.gnupg/gpg-agent.conf
-
-    use-standard-socket
-    pinentry-program /usr/local/bin/pinentry-mac
-    enable-ssh-support
-
-### Step 18b: Modify ~/.gnupg/gpg.conf
-
-    use-agent
-    no-tty
-
 # Troubleshooting
 If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates:  
 

diff --git a/4-GUI-git-signing.md b/4-GUI-git-signing.md
@@ -1,5 +1,26 @@
 # Git Signing with a GUI Application (e.g. Tower or Github)
 
+## Manually Installed GPG
+
+### Step 1: Modify ~/.gnupg/gpg-agent.conf
+
+    use-standard-socket
+    pinentry-program /usr/local/bin/pinentry-mac
+    enable-ssh-support
+
+### Step 2: Modify ~/.gnupg/gpg.conf
+
+    use-agent
+    no-tty
+
+## Step 3: Copy startup-gpg-agent.sh to ~/bin/
+Copy the .sh file in this gist to `~/bin/`.
+
+## Step 4: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
+Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
+
+## Using Krypt.co
+
 ## Step 1: Copy startup-gpg-agent.sh to ~/bin/
 Copy the .sh file in this gist to `~/bin/`.
 

diff --git a/1-setup.md b/1-setup.md
@@ -4,153 +4,4 @@ There are now two ways to approach this:
 1. Using gpg and generating keys
 2. Using Kryptonite by krypt.co
 
-This Gist explains how to do this using gpg.  Kryptonite is actually wickedly easy to use-but you will still need Steps 18c and 18d for using Kryptonite with GUI-based Git applications.
-
-# Using GPG
-
-## Step 1: Install software
-We use the Homebrew package manager for this step.
-
-    brew install gpg2 gpg-agent pinentry-mac       
-
-## Step 2: Update ~/.gnupg/gpg-agent.conf
-If this file does not exist, create it.
-
-    # Insert the following text
-    pinentry-program /usr/local/bin/pinentry-mac
-
-## Step 3: Update or Create ~/.gnupg/gpg.conf
-If this file does not exist, create it.
-
-    # Uncomment within config (or add this line)
-    # This tells gpg to use the gpg-agent
-    use-agent
-
-## Step 4: Modify your Shell
-Append the following to your ~/.bashrc or ~/.zshrc
-
-    ...
-    export GPG_TTY="tty"
-
-## Step 5: Restart your Terminal or source your ~/.*rc file
-
-    source ~/.bashrc
-
-## Step 6: Create your GPG Key
-Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
-
-    gpg --full-gen-key
-
-## Step 7: Update the Permissions on your ~/.gnupg Directory
-You will need to modify the permissions to 700 to secure this directory.  
-
-    chmod 700 ~/.gnupg
-
-## Step 8: Answer the Questions
-Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
-
-    Please select what kind of key you want:
-       (1) RSA and RSA (default)
-       (2) DSA and Elgamal
-       (3) DSA (sign only)
-       (4) RSA (sign only)
-    Your selection? 4
-    RSA keys may be between 1024 and 4096 bits long.
-    What keysize do you want? (2048) 4096
-    Requested keysize is 4096 bits
-    Please specify how long the key should be valid.
-             0 = key does not expire
-          <n>  = key expires in n days
-          <n>w = key expires in n weeks
-          <n>m = key expires in n months
-          <n>y = key expires in n years
-    Key is valid for? (0) 3y
-    Key does not expire at all
-    Is this correct? (y/N) y
-
-    You need a user ID to identify your key; the software constructs the user ID
-    from the Real Name, Comment and Email Address in this form:
-        "Heinrich Heine (Der Dichter) <[email protected]>"
-
-    Real name: Dr Duh
-    Email address: [email protected]
-    Comment:
-    You selected this USER-ID:
-        "Dr Duh <[email protected]>"
-
-    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
-    You need a Passphrase to protect your secret key.
-
-## Step 9: Get your key info for Git, etc.
-
-    # List your keys
-    gpg -k
-
-## Step 10: Get your key id
-Use the next command to generate a short form of the key fingerprint.
-
-Copy the text after the `rsa4096/` and before the date generated and use the copied id in step 13:  
-
-    gpg -K --keyid-format SHORT
-    sec rsa4096/######## YYYY-MM-DD [SC] [expires: YYYY-MM-DD]
-
-*You need to copy the output similar to the example above where the ######## is.*
-
-## Step 11: Export the fingerprint
-In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  
-
-    # The export command below gives you the key you add to GitHub
-    gpg --armor --export <your key id>
-
-## Step 12: Configure Git to use gpg
-
-    git config --global gpg.program $(which gpg)
-
-## Step 13: Configure Git to use your signing key
-The below command needs the fingerprint from step 10 above:  
-
-    git config --global user.signingkey 1111111
-
-## Step 14: Configure Git to sign all commits (Optional-you can configure this per repository too)
-This tells Git to sign all commits using the key you specified in step 13.  
-
-    git config --global commit.gpgsign true
-
-## Step 15: Perform a Commit
-
-    git commit -S -s -m "My Signed Commit"
-
-## Step 16: Pinentry Prompt
-You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.
-
-## Step 17: Submit your PGP key to Github to verify your Commits
-
-## Step 17: Submitting Your Key to a Public Keyserver (very optional)
-Before you jump on submitting your key to a service such as the [MIT PGP Key Server](https://pgp.mit.edu), you should consider the following:
-- You cannot delete your key once submitted
-- Spammers have been known to harvest email addresses from these servers
-- If you're only signing your Git commits to Github this isn't necessary
-
-## Step 18: Enabling signing with a Git GUI tool (Only do this if you use Git Tower or Github Desktop)
-
-### Step 18a: Modify ~/.gnupg/gpg-agent.conf
-
-    use-standard-socket
-    pinentry-program /usr/local/bin/pinentry-mac
-    enable-ssh-support
-
-### Step 18b: Modify ~/.gnupg/gpg.conf
-
-    use-agent
-    no-tty
-
-### Step 18c: Copy startup-gpg-agent.sh to ~/bin/
-Copy the .sh file in this gist to `~/bin/`.
-
-### Step 18d: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
-Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
-
-# Troubleshooting
-If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates:  
-
-    gpg-agent --daemon
+This Gist explains how to do this using gpg.  Kryptonite is actually wickedly easy to use-but you will still need to follow the instructions [here](4-GUI-git-signing.md) for using Kryptonite with GUI-based Git applications.
diff --git a/2-using-gpg.md b/2-using-gpg.md
@@ -0,0 +1,142 @@
+# Using GPG
+
+## Step 1: Install software
+We use the Homebrew package manager for this step.
+
+    brew install gpg2 gpg-agent pinentry-mac       
+
+## Step 2: Update ~/.gnupg/gpg-agent.conf
+If this file does not exist, create it.
+
+    # Insert the following text
+    pinentry-program /usr/local/bin/pinentry-mac
+
+## Step 3: Update or Create ~/.gnupg/gpg.conf
+If this file does not exist, create it.
+
+    # Uncomment within config (or add this line)
+    # This tells gpg to use the gpg-agent
+    use-agent
+
+## Step 4: Modify your Shell
+Append the following to your ~/.bashrc or ~/.zshrc
+
+    ...
+    export GPG_TTY="tty"
+
+## Step 5: Restart your Terminal or source your ~/.*rc file
+
+    source ~/.bashrc
+
+## Step 6: Create your GPG Key
+Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
+
+    gpg --full-gen-key
+
+## Step 7: Update the Permissions on your ~/.gnupg Directory
+You will need to modify the permissions to 700 to secure this directory.  
+
+    chmod 700 ~/.gnupg
+
+## Step 8: Answer the Questions
+Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
+
+    Please select what kind of key you want:
+       (1) RSA and RSA (default)
+       (2) DSA and Elgamal
+       (3) DSA (sign only)
+       (4) RSA (sign only)
+    Your selection? 4
+    RSA keys may be between 1024 and 4096 bits long.
+    What keysize do you want? (2048) 4096
+    Requested keysize is 4096 bits
+    Please specify how long the key should be valid.
+             0 = key does not expire
+          <n>  = key expires in n days
+          <n>w = key expires in n weeks
+          <n>m = key expires in n months
+          <n>y = key expires in n years
+    Key is valid for? (0) 3y
+    Key does not expire at all
+    Is this correct? (y/N) y
+
+    You need a user ID to identify your key; the software constructs the user ID
+    from the Real Name, Comment and Email Address in this form:
+        "Heinrich Heine (Der Dichter) <[email protected]>"
+
+    Real name: Dr Duh
+    Email address: [email protected]
+    Comment:
+    You selected this USER-ID:
+        "Dr Duh <[email protected]>"
+
+    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
+    You need a Passphrase to protect your secret key.
+
+## Step 9: Get your key info for Git, etc.
+
+    # List your keys
+    gpg -k
+
+## Step 10: Get your key id
+Use the next command to generate a short form of the key fingerprint.
+
+Copy the text after the `rsa4096/` and before the date generated and use the copied id in step 13:  
+
+    gpg -K --keyid-format SHORT
+    sec rsa4096/######## YYYY-MM-DD [SC] [expires: YYYY-MM-DD]
+
+*You need to copy the output similar to the example above where the ######## is.*
+
+## Step 11: Export the fingerprint
+In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  
+
+    # The export command below gives you the key you add to GitHub
+    gpg --armor --export <your key id>
+
+## Step 12: Configure Git to use gpg
+
+    git config --global gpg.program $(which gpg)
+
+## Step 13: Configure Git to use your signing key
+The below command needs the fingerprint from step 10 above:  
+
+    git config --global user.signingkey 1111111
+
+## Step 14: Configure Git to sign all commits (Optional-you can configure this per repository too)
+This tells Git to sign all commits using the key you specified in step 13.  
+
+    git config --global commit.gpgsign true
+
+## Step 15: Perform a Commit
+
+    git commit -S -s -m "My Signed Commit"
+
+## Step 16: Pinentry Prompt
+You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.
+
+## Step 17: Submit your PGP key to Github to verify your Commits
+
+## Step 17: Submitting Your Key to a Public Keyserver (very optional)
+Before you jump on submitting your key to a service such as the [MIT PGP Key Server](https://pgp.mit.edu), you should consider the following:
+- You cannot delete your key once submitted
+- Spammers have been known to harvest email addresses from these servers
+- If you're only signing your Git commits to Github this isn't necessary
+
+## Step 18: Enabling signing with a Git GUI tool (Only do this if you use Git Tower or Github Desktop)
+
+### Step 18a: Modify ~/.gnupg/gpg-agent.conf
+
+    use-standard-socket
+    pinentry-program /usr/local/bin/pinentry-mac
+    enable-ssh-support
+
+### Step 18b: Modify ~/.gnupg/gpg.conf
+
+    use-agent
+    no-tty
+
+# Troubleshooting
+If you have any errors when generating a key regarding gpg-agent, try the following command to see what error it generates:  
+
+    gpg-agent --daemon
diff --git a/3-using-krypt.md b/3-using-krypt.md
@@ -0,0 +1 @@
+# Krypt.co
diff --git a/4-GUI-git-signing.md b/4-GUI-git-signing.md
@@ -0,0 +1,7 @@
+# Git Signing with a GUI Application (e.g. Tower or Github)
+
+## Step 1: Copy startup-gpg-agent.sh to ~/bin/
+Copy the .sh file in this gist to `~/bin/`.
+
+## Step 2: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
+Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
diff --git a/2-helpful-urls.md → 5-helpful-urls.md b/2-helpful-urls.md → 5-helpful-urls.md
diff --git a/2-helpful-urls.md b/2-helpful-urls.md
@@ -1,3 +1,3 @@
-https://help.github.com/enterprise/2.11/user/articles/signing-commits-using-gpg/
-http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/
-https://help.github.com/articles/associating-an-email-with-your-gpg-key/
+https://help.github.com/enterprise/2.11/user/articles/signing-commits-using-gpg/  
+http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/  
+https://help.github.com/articles/associating-an-email-with-your-gpg-key/  
diff --git a/2-helpful-urls.md b/2-helpful-urls.md
@@ -0,0 +1,3 @@
+https://help.github.com/enterprise/2.11/user/articles/signing-commits-using-gpg/
+http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/
+https://help.github.com/articles/associating-an-email-with-your-gpg-key/
diff --git a/1-setup.md b/1-setup.md
@@ -6,45 +6,47 @@ There are now two ways to approach this:
 
 This Gist explains how to do this using gpg.  Kryptonite is actually wickedly easy to use-but you will still need Steps 18c and 18d for using Kryptonite with GUI-based Git applications.
 
-# Step 1: Install software
+# Using GPG
+
+## Step 1: Install software
 We use the Homebrew package manager for this step.
 
     brew install gpg2 gpg-agent pinentry-mac       
 
-# Step 2: Update ~/.gnupg/gpg-agent.conf
+## Step 2: Update ~/.gnupg/gpg-agent.conf
 If this file does not exist, create it.
 
     # Insert the following text
     pinentry-program /usr/local/bin/pinentry-mac
 
-# Step 3: Update or Create ~/.gnupg/gpg.conf
+## Step 3: Update or Create ~/.gnupg/gpg.conf
 If this file does not exist, create it.
 
     # Uncomment within config (or add this line)
     # This tells gpg to use the gpg-agent
     use-agent
 
-# Step 4: Modify your Shell
+## Step 4: Modify your Shell
 Append the following to your ~/.bashrc or ~/.zshrc
 
     ...
     export GPG_TTY="tty"
 
-# Step 5: Restart your Terminal or source your ~/.*rc file
+## Step 5: Restart your Terminal or source your ~/.*rc file
 
     source ~/.bashrc
 
-# Step 6: Create your GPG Key
+## Step 6: Create your GPG Key
 Run the following command to generate your key, note we have to use the `--expert` flag so as to generate a 4096-bit key.
 
     gpg --full-gen-key
 
-# Step 7: Update the Permissions on your ~/.gnupg Directory
+## Step 7: Update the Permissions on your ~/.gnupg Directory
 You will need to modify the permissions to 700 to secure this directory.  
 
     chmod 700 ~/.gnupg
 
-# Step 8: Answer the Questions
+## Step 8: Answer the Questions
 Once you have entered your options, pinentry will prompt you for a password for the new PGP key.
 
     Please select what kind of key you want:
@@ -79,12 +81,12 @@ Once you have entered your options, pinentry will prompt you for a password for
     Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
     You need a Passphrase to protect your secret key.
 
-# Step 9: Get your key info for Git, etc.
+## Step 9: Get your key info for Git, etc.
 
     # List your keys
     gpg -k
 
-# Step 10: Get your key id
+## Step 10: Get your key id
 Use the next command to generate a short form of the key fingerprint.
 
 Copy the text after the `rsa4096/` and before the date generated and use the copied id in step 13:  
@@ -94,58 +96,58 @@ Copy the text after the `rsa4096/` and before the date generated and use the cop
 
 *You need to copy the output similar to the example above where the ######## is.*
 
-# Step 11: Export the fingerprint
+## Step 11: Export the fingerprint
 In the output from step 10, the line below the row that says 'pub' shows a fingerprint-this is what you use in the <your key id> placeholder.  The output from below is what you copy to Github:  
 
     # The export command below gives you the key you add to GitHub
     gpg --armor --export <your key id>
 
-# Step 12: Configure Git to use gpg
+## Step 12: Configure Git to use gpg
 
     git config --global gpg.program $(which gpg)
 
-# Step 13: Configure Git to use your signing key
+## Step 13: Configure Git to use your signing key
 The below command needs the fingerprint from step 10 above:  
 
     git config --global user.signingkey 1111111
 
-# Step 14: Configure Git to sign all commits (Optional-you can configure this per repository too)
+## Step 14: Configure Git to sign all commits (Optional-you can configure this per repository too)
 This tells Git to sign all commits using the key you specified in step 13.  
 
     git config --global commit.gpgsign true
 
-# Step 15: Perform a Commit
+## Step 15: Perform a Commit
 
     git commit -S -s -m "My Signed Commit"
 
-# Step 16: Pinentry Prompt
+## Step 16: Pinentry Prompt
 You will now be prompted by Pinentry for the password for your signing key.  You can enter it into the Dialog box-with the option of saving the password to the macOS X Keychain.
 
-# Step 17: Submit your PGP key to Github to verify your Commits
+## Step 17: Submit your PGP key to Github to verify your Commits
 
-# Step 17: Submitting Your Key to a Public Keyserver (very optional)
+## Step 17: Submitting Your Key to a Public Keyserver (very optional)
 Before you jump on submitting your key to a service such as the [MIT PGP Key Server](https://pgp.mit.edu), you should consider the following:
 - You cannot delete your key once submitted
 - Spammers have been known to harvest email addresses from these servers
 - If you're only signing your Git commits to Github this isn't necessary
 
-# Step 18: Enabling signing with a Git GUI tool (Only do this if you use Git Tower or Github Desktop)
+## Step 18: Enabling signing with a Git GUI tool (Only do this if you use Git Tower or Github Desktop)
 
-## Step 18a: Modify ~/.gnupg/gpg-agent.conf
+### Step 18a: Modify ~/.gnupg/gpg-agent.conf
 
     use-standard-socket
     pinentry-program /usr/local/bin/pinentry-mac
     enable-ssh-support
 
-## Step 18b: Modify ~/.gnupg/gpg.conf
+### Step 18b: Modify ~/.gnupg/gpg.conf
 
     use-agent
     no-tty
 
-## Step 18c: Copy startup-gpg-agent.sh to ~/bin/
+### Step 18c: Copy startup-gpg-agent.sh to ~/bin/
 Copy the .sh file in this gist to `~/bin/`.
 
-## Step 18d: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
+### Step 18d: Copy org.gnupg.gpg-agent.plist file to ~/Library/LaunchAgents/
 Copy the the plist file in this Gist to `~/Library/LaunchAgents/`.
 
 # Troubleshooting

diff --git a/1-setup.md b/1-setup.md
@@ -1,3 +1,11 @@
+# Methods of Signing with GPG
+
+There are now two ways to approach this:
+1. Using gpg and generating keys
+2. Using Kryptonite by krypt.co
+
+This Gist explains how to do this using gpg.  Kryptonite is actually wickedly easy to use-but you will still need Steps 18c and 18d for using Kryptonite with GUI-based Git applications.
+
 # Step 1: Install software
 We use the Homebrew package manager for this step.