Probably one of the easiest things you'll ever do with `gpg`

Install Keybase: https://keybase.io/download and Ensure the keybase cli is in your `PATH`

First get the public key
```
keybase pgp export | gpg --import
```

Next get the private key
```
keybase pgp export --secret | gpg --allow-secret-key --import
```

Verify progress:
```
gpg --list-secret-keys
```

Looks for something like
```
sec   4096R/C9D8E1A1 2017-02-16 [expires: 2033-02-12]
uid                  Sean Escriva <sean.escriva@gmail.com>
ssb   4096R/CC67212E 2017-02-16
```
The email address should match your Github email.

The `C9D8E1A1` part is what you need next. By default this key is untrusted, so we'll fix that.
To edit trust:
```
$ gpg --edit-key C9D8E1A1
gpg> trust
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
```

There are many levels of trust so choose what you're comfortable with.

```
$ git config --global user.signingkey C9D8E1A1
$ git config --global commit.gpgsign true
```

Now add it to your Github profile:
```
gpg --armor --export C9D8E1A1 | xclip
```
Add it to your GitHub profile under *Settings/SSH and GPG keys.*
Replace `xclip` with `clip` or `pbcopy` for your current platform.

Use gpg agent if you don't want to enter the password every time.

View signed commits with : `git log --show-signature -1`