First, get the public key:
keybase pgp export | gpg2 --import
Next, get the private key:
keybase pgp export --secret | gpg2 --allow-secret-key --import
Verify progress:
gpg2 --list-secret-keys
Look for something like:
sec 4096R/C9D8E1A1 2017-02-16 [expires: 2033-02-12]
uid Sean Escriva <[email protected]>
ssb 4096R/CC67212E 2017-02-16
The email address should match your GitHub email.
The C9D8E1A1 part is what you need next. By default this key is untrusted, so we'll fix that.
To edit trust:
$ gpg2 --edit-key C9D8E1A1
gpg> trust
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
There are many levels of trust, so choose what you're comfortable with.
Then tell Git to sign commits with this key:
$ git config --global user.signingkey C9D8E1A1
$ git config --global commit.gpgsign true
Now export the public key for your GitHub profile:
gpg2 --armor --export C9D8E1A1
Add it to your GitHub profile under Settings/SSH and GPG keys.
If you see error: gpg failed to sign the data, the Git client may be trying to call the wrong version of the GPG tool.
git config --global gpg.program gpg2
Use gpg-agent if you don't want to enter the password every time.
View signed commits with: git log --show-signature -1
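
Added example, not part of the original instructions: instead of reading a short ID such as C9D8E1A1 off the listing by eye, this picks the full fingerprint of the sign-capable secret key whose uid matches your Git email, which avoids the collisions that 8-character key IDs allow. The function names, sample listing and fingerprints are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and the sample data below are constructed.

# Read `gpg --with-colons` secret-key output on stdin and print the full
# fingerprint of the first sign-capable key with a uid for the given email.
# Exit status is non-zero when no such key exists.
signing_fpr_for_email() {
    awk -F: -v want="<$1>" '
        # New primary key: reset state. Uppercase S in field 12 means the
        # key as a whole (primary or a subkey) is usable for signing.
        $1 == "sec" { fpr = ""; can_sign = ($12 ~ /S/); want_fpr = 1; next }
        # fpr records after a subkey belong to that subkey, so ignore them.
        $1 == "ssb" { want_fpr = 0; next }
        $1 == "fpr" && want_fpr { fpr = $10; want_fpr = 0; next }
        $1 == "uid" && can_sign && fpr != "" &&
            index(tolower($10), tolower(want)) { print fpr; found = 1; exit }
        END { exit !found }
    '
}

# Constructed colon-format listing: one signing key, one certify-only key.
sample_listing() {
    cat <<'EOF'
sec:u:4096:1:1111111111111111:1487203200:1991606400::u:::scESC:
fpr:::::::::1111111111111111111111111111111111111111:
uid:u::::1487203200::AAAA::Example User <user@example.com>:
ssb:u:4096:1:3333333333333333:1487203200::::::e:
fpr:::::::::3333333333333333333333333333333333333333:
sec:u:2048:1:2222222222222222:1500000000:::u:::cC:
fpr:::::::::2222222222222222222222222222222222222222:
uid:u::::1500000000::BBBB::Other User <other@example.com>:
EOF
}

# Demo on the constructed listing.
sample_listing | signing_fpr_for_email user@example.com

# Real use (assumes gpg2 and git are installed and user.email is set):
#   fpr=$(gpg2 --list-secret-keys --with-colons --fixed-list-mode \
#         --with-fingerprint | signing_fpr_for_email "$(git config user.email)") \
#     && git config --global user.signingkey "$fpr"
```

If the function exits non-zero, no sign-capable secret key carries that email, which is also why GitHub would not mark the commits as verified.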