I recently had to create a new identity and GPG signing key for my github profile. Here is how I did, for future reference:
Creating the key and exporting it
I created the key in thunderbird, which I use for my emails. I did it directly there, but it's also possible to generate it directly on the command line.
I had some trouble finding how to export the key from thunderbird, you actually have to open the OpenPGP key manager, select you key and then do "file/export", which is kind of unintuitive.
I realized afterhand that the code I entered here will be stored in my keyring manager. Choose something unique ;-)
Importing it in the local keyring
gpg --import /Volumes/o5avOD-1fyGp/Clés/Alexis\ Métaireau\ --redacted--@freedom.press-\(0xC65C7A89A8FFC56E\)-secret.asc
It should show up when using gpg --list-keys:
gpg --list-keys
[keyboxd]
---------
pub ed25519 2024-05-27 [SC] [expire : 2027-05-27]
454294C6FF8B9716A5F641A9C65C7A89A8FFC56E
uid [ inconnue] Alexis M <--redacted--@freedom.press>
sub cv25519 2024-05-27 [E] [expire : 2027-05-27]
Signing your commits
Add this section to you .gitcommit file:
[commit]
gpgsign = true
Which is also possible by entering this on the command line:
git config --global commit.gpgsign true
Using multiple identities dependening the git repo
So, I want to use only one github account, tied to different identities.
In your .gitconfig, you can load different configuration files depending on the
repo being used using the includeIf key. Here's what my file look likes:
[includeIf "gitdir:~/dev/**/.git"]
path = .gitconfig-user
[includeIf "gitdir:~/dev/fpf/**/.git"]
path = ~/.gitconfig-fpf
And the ~/.gitconfig-fpf file:
[user]
name = Alexis M
email = --redacted--@freedom.press
Exporting the public PGP keys
At some point, I also needed to give github the public key associated with my private key. As I'm using Thunderbird to store the keys, I asked it to export the public key.