How to Sign Your Git Commit

Today I learned that you can sign your git commit with GPG. Before you can sign your commit, you need to have a GPG keypair configured on your machine.

To generate a GPG keypair, run the following command.

gpg --full-generate-key

Once you have a GPG keypair, you can sign your commit with -S flag.

git commit -S -m "your commit message"

You can sign all commits by default in any local repository by running the following command.

git config --global commit.gpgsign true

You can also add your GPG key to your Github account so that they can verify your commits’ signature.