If you don't have signing set up on your device and you only want to make simple changes, it will be easier to use github's edit button for single file changes or github's online VSCode editor for multi-file changes. These tools will sign your commit automatically.
For complex changes you will want to set up signing on your device. Follow along with the subsection below that applies to you.
If your situation is not listed below, consider adding your steps to help out others.
If you have a Yubikey, and use macOS or Linux, follow guide 1 and guide 2. For windows with a Yubikey, follow this guide.
Without a Yubikey:
-
Make git sign your commits automatically:
git config --global commit.gpgsign true
This explanation was based on the steps outlined here.
On linux, run:
gpg --list-keys --keyid-format SHORT | grep ^pub
gpg --export --armor [Your_Key_ID] > public.asc
Copy the public.asc file to windows.
Download and install Gpg4win.
Open the program Kleopatra (installed with gpg4win) and go to Smartcards.
You should see your Yubikey there, it should also say something like failed to find public key locally. Click the import button and open the public.asc file you created earlier.
Close Kleopatra.
Install the YubiKey Minidriver for 64-bit systems – Windows Installer.
Insert your Yubikey and check if it is mentioned in the output of gpg --card-status (powershell).
Open powershell and execute:
git config --global gpg.program "c:\Program Files (x86)\GnuPG\bin\gpg.exe"
git config --global commit.gpgsign true
gpg --list-secret-keys --keyid-format LONG
The last command will show your keyid. On the line that says [SC], copy the id.
In the example below the id is 683AB68D867FEB5C
sec> rsa4096/683AB68D867FEB5C 2020-02-02 [SC] [expires: 2022-02-02]
Tell git your keyid:
>git config --global user.signingkey YOUR_KEY_ID_HERE
That's it!
TODO