Disclaimer I: This tutorial is written for WSL2 with Ubuntu. It may differ distro from distro.
Disclaimer II: I’m going to use Github in this tutorial, but process of setup for other major GIT servers (GitLab, Bitbucket, …) are pretty much the same.
Let’s continue where we left off in part 2.
Authenticate against Git server via GPG
In order to authenticate against GIT server we need a public ssh key. We connected WSL’s ssh agent in the 2nd part of this tutorial to GPG key over socket. So now we can use the public key from there.
Get SSH public key:
$ ssh-add -L
Take the output and paste it to GitHub settings -> SSH and GPG Keys -> New SSH Key.
When you now try to pull or push from remote GIT repository, there will show up a modal requesting your GPG PIN on your screen.
Signing git commits with GPG
- Configure Git by
git config --global user.signingkey YOUR_KEY_ID # In my case 1E9...
git config --global gpg.program gpg
git config --global commit.gpgsign true
2. Export Public Key
gpg --armor --export YOUR_KEY_ID # In my case 1E9...
Now when you create a new commit, there will show up a dialog requesting your PIN on your screen.
In case you’re using verified Email address (in Github) for the GPG key and you configured the same address in Git git config — global user.email. You should be able to see Verified badge next to your commit.