DEV Community

loading...
Cover image for The ultimate guide to Yubikey on WSL2 [Part 3]

The ultimate guide to Yubikey on WSL2 [Part 3]

dzerycz profile image Jaroslav Živný Originally published at jardazivny.Medium Updated on ・2 min read

If you haven’t setup GPG on Yubikey or you cannot access YubiKey from within WSL. Please check previous parts (1, 2) of this series.

Disclaimer I: This tutorial is written for WSL2 with Ubuntu. It may differ distro from distro.

Disclaimer II: I’m going to use Github in this tutorial, but process of setup for other major GIT servers (GitLab, Bitbucket, …) are pretty much the same.

Let’s continue where we left off in part 2.


Authenticate against Git server via GPG

In order to authenticate against GIT server we need a public ssh key. We connected WSL’s ssh agent in the 2nd part of this tutorial to GPG key over socket. So now we can use the public key from there.

Get SSH public key:

# WSL2
$ ssh-add -L
Enter fullscreen mode Exit fullscreen mode

Take the output and paste it to GitHub settings -> SSH and GPG Keys -> New SSH Key.

When you now try to pull or push from remote GIT repository, there will show up a modal requesting your GPG PIN on your screen.


Signing git commits with GPG

1 - Configure Git by

# WSL2
git config --global user.signingkey YOUR_KEY_ID # In my case 1E9...
git config --global gpg.program gpg
git config --global commit.gpgsign true
Enter fullscreen mode Exit fullscreen mode

2 - Export Public Key

# WSL2
gpg --armor --export YOUR_KEY_ID # In my case 1E9...
Enter fullscreen mode Exit fullscreen mode

3 - Put this public GPG key to Gitlab Setting -> SSH and GPG keys -> New GPG Key. In case you’re using GitLab, Bitbucket or other Git servers, there is a similar way to configure GPG Key.

Now when you create a new commit, there will show up a dialog requesting your PIN on your screen.

Dialog requesting your GPG PIN

In case you’re using verified Email address (in Github) for the GPG key and you configured the same address in Git git config --global user.email. You should be able to see Verified badge next to your commit.

A Commit with Verified badge

Discussion (0)

Forem Open with the Forem app