DEV Community

Cover image for Signing Git Commits on Mac OS via SmartGit
Humberto A Sanchez II
Humberto A Sanchez II

Posted on

Signing Git Commits on Mac OS via SmartGit

Introduction

Between this article and this article, I figured out how to sign my GitHub commits.

Essentially it showed me how to:

  • Check the GPG installation
  • Check the keys
  • Configure a single repository to use a signing key
  • Verify signed commits
  • It pointed me here for instructions on how to add my GPG key to GitHub

In SmartGit you can configure signing by typing:

Smartgit —> Settings —>Git config

You will see the following dialog. Enter your information.

SmartGit Dialog

However, commits with SmartGit failed because pinentry (pin entry, get it !) was trying to popup a terminal based UI to ask me for the signing key passphrase.

Because I use homebrew it is rather confusing as to where to configure gpg, the gpg-agent, and pinentry. Lots of the docmentation is for Linux and to make matters worse I am on Mac OS.

Earlier documentation suggested I had to update gpg.conf to configure pinentry.

Finally found this article that correctly pointed to gpg-agent.conf

Actually it said:

~/.gnupg/gpg-agent.conf

But I deduced that the homebrew configuration files resided here:

/opt/homebrew/etc/gnupg

The file did not exist so I created it. Voila, on my next check-in SmartGit popped up the OS X pin entry dialog

Image description

My Cliff's notes on key generation

gpg --full-generate-key
Enter fullscreen mode Exit fullscreen mode

List the key to get the signing key

gpg --list-secret-keys --keyid-format LONG
Enter fullscreen mode Exit fullscreen mode

Export public to import into GitHub

gpg --armor --export [my key] > public.gpg
Enter fullscreen mode Exit fullscreen mode

Verify signed commits

git log --show-signature
Enter fullscreen mode Exit fullscreen mode

Top comments (0)