Use Git Sign with GPG inside WSL2

Today, we will enable Git commit signing with GPG inside WSL2.

Test your GPG Setup

Set up your YubiKey and check if it is recognized:

gpg --list-signatures

You should now see something like this:

/home/envoyr/.gnupg/pubring.kbx
-------------------------------
pub   rsa4096 XXXX-XX-XX [C]
      XXXXXXXXXXXXXXXXXXXXXXXX1A7CD6B10EBDBB79
uid           [ultimate] Maurice Preuss (envoyr) <hello@envoyr.com>
sig 3        1A7CD6B10EBDBB79 XXXX-XX-XX  Maurice Preuss (envoyr) <hello@envoyr.com>
sub   rsa4096 XXXX-XX-XX [A] [expires: XXXX-XX-XX]
sig          1A7CD6B10EBDBB79 XXXX-XX-XX  Maurice Preuss (envoyr) <hello@envoyr.com>
sub   rsa4096 XXXX-XX-XX [E] [expires: XXXX-XX-XX]
sig          1A7CD6B10EBDBB79 XXXX-XX-XX  Maurice Preuss (envoyr) <hello@envoyr.com>
sub   rsa4096 XXXX-XX-XX [S] [expires: XXXX-XX-XX]
sig          1A7CD6B10EBDBB79 XXXX-XX-XX  Maurice Preuss (envoyr) <hello@envoyr.com>

Enable Git Signing

Now you can use the signing subkey (marked [S]) to sign your commits.

The important thing is that Git is also linked to the Windows GPG program, so that WSL can handle it and the commits are signed properly. (It took me forever to figure this out 😅)

git config --global user.name envoyr
git config --global user.email hello@envoyr.com
git config --global user.signingkey 1A7CD6B10EBDBB79
git config --global commit.gpgsign true
git config --global gpg.program "/mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe"

Verify your changes with the following:

cat ~/.gitconfig

Your config should now look like this:

[user]
        name = envoyr
        email = hello@envoyr.com
        signingkey = 1A7CD6B10EBDBB79
[commit]
        gpgsign = true

[gpg]
        program = /mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe

You’re now able to sign your commits in WSL2. Run the commit command as usual:

git commit -m "some example commit"

Done! Your commits are now signed.
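To check the settings from the configuration step before relying on them, the following preflight function reads a Git config file and reports which of the three signing settings is missing or broken. It is an added example, not part of the original post; the function name check_git_signing and its messages are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: preflight check for the Git signing settings shown above.
# Usage: check_git_signing [path-to-gitconfig]   (default: ~/.gitconfig)
# Returns 0 when everything is in place, 1 otherwise.

check_git_signing() {
    local cfg="${1:-$HOME/.gitconfig}"
    local key sign prog rc=0

    if [ ! -r "$cfg" ]; then
        echo "FAIL: cannot read $cfg" >&2
        return 1
    fi

    key=$(git config --file "$cfg" --get user.signingkey || true)
    sign=$(git config --file "$cfg" --bool --get commit.gpgsign || true)
    prog=$(git config --file "$cfg" --get gpg.program || true)

    if [ -z "$key" ]; then
        echo "FAIL: user.signingkey is not set" >&2; rc=1
    fi
    if [ "$sign" != "true" ]; then
        echo "FAIL: commit.gpgsign is not true, commits are not signed by default" >&2; rc=1
    fi
    if [ -z "$prog" ]; then
        echo "FAIL: gpg.program is not set, Git falls back to 'gpg' from PATH" >&2; rc=1
    elif [ ! -x "$prog" ]; then
        # Always quote the path: the Windows install path contains spaces and parentheses.
        echo "FAIL: gpg.program '$prog' is missing or not executable" >&2; rc=1
    elif [ -n "$key" ] && ! "$prog" --list-secret-keys "$key" >/dev/null 2>&1; then
        # The configured GPG must know the secret key (or its smartcard stub).
        echo "FAIL: '$prog' has no secret key for $key" >&2; rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: signing with key $key via $prog"
    fi
    return "$rc"
}
```

After the first signed commit, `git log --show-signature -1` shows whether the signature verifies.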