Test your GPG Setup
Set up your YubiKey and check if it is recognized:
gpg --list-signatures
You should now see something like this:
/home/envoyr/.gnupg/pubring.kbx
-------------------------------
pub rsa4096 XXXX-XX-XX [C]
XXXXXXXXXXXXXXXXXXXXXXXX1A7CD6B10EBDBB79
uid [ultimate] Maurice Preuss (envoyr) <hello@envoyr.com>
sig 3 1A7CD6B10EBDBB79 XXXX-XX-XX Maurice Preuss (envoyr) <hello@envoyr.com>
sub rsa4096 XXXX-XX-XX [A] [expires: XXXX-XX-XX]
sig 1A7CD6B10EBDBB79 XXXX-XX-XX Maurice Preuss (envoyr) <hello@envoyr.com>
sub rsa4096 XXXX-XX-XX [E] [expires: XXXX-XX-XX]
sig 1A7CD6B10EBDBB79 XXXX-XX-XX Maurice Preuss (envoyr) <hello@envoyr.com>
sub rsa4096 XXXX-XX-XX [S] [expires: XXXX-XX-XX]
sig 1A7CD6B10EBDBB79 XXXX-XX-XX Maurice Preuss (envoyr) <hello@envoyr.com>
Enable Git Signing
Now you can use the signing key (marked [S]) to sign your commits.
The important part is that Git is pointed at the Windows GPG program: WSL can run it, and the commits can then be signed properly. (It took me forever to figure this out 😅)
git config --global user.name envoyr
git config --global user.email hello@envoyr.com
git config --global user.signingkey 1A7CD6B10EBDBB79
git config --global commit.gpgsign true
git config --global gpg.program "/mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe"
Verify your changes with the following:
cat ~/.gitconfig
Your config should now look like this:
[user]
	name = envoyr
	email = hello@envoyr.com
	signingkey = 1A7CD6B10EBDBB79
[commit]
	gpgsign = true
[gpg]
	program = /mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe
You’re now able to sign your commits in WSL2. Run the commit command as usual:
git commit -m "some example commit"
Done! Your commits are now signed.
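To confirm that rather than assume it, the following added example (not part of the original post) audits the three signing settings configured above and reports the signature status of a commit. The function names check_signing_config and commit_sig_status are hypothetical helpers, not Git commands.

```shell
#!/bin/sh
# Added example: verify the Git signing setup from this guide.
# Function names are hypothetical helpers, not part of Git or GnuPG.

# check_signing_config [git-config-file]
# Prints every problem found. Returns 0 only if the file carries the three
# signing settings from this guide and gpg.program can actually be executed.
check_signing_config() {
    cfg="${1:-$HOME/.gitconfig}"
    rc=0
    # --type=bool normalises yes/on/1 to "true"
    val="$(git config --file "$cfg" --type=bool --get commit.gpgsign 2>/dev/null || true)"
    if [ "$val" != "true" ]; then
        echo "commit.gpgsign is not enabled"; rc=1
    fi
    if [ -z "$(git config --file "$cfg" --get user.signingkey 2>/dev/null || true)" ]; then
        echo "user.signingkey is not set"; rc=1
    fi
    prog="$(git config --file "$cfg" --get gpg.program 2>/dev/null || true)"
    if [ -z "$prog" ]; then
        echo "gpg.program is not set"; rc=1
    elif ! command -v "$prog" >/dev/null 2>&1; then
        # Typical cause in WSL: a wrong /mnt/c/... path to gpg.exe
        echo "gpg.program is not executable: $prog"; rc=1
    fi
    return "$rc"
}

# commit_sig_status [rev] [repo-dir]
# Prints git's one-letter %G? code for the commit:
#   G = good signature, N = no signature, B = bad signature,
#   E = signature could not be checked (for example, public key missing).
commit_sig_status() {
    git -C "${2:-.}" log -1 --format='%G?' "${1:-HEAD}"
}

# Usage after following the guide:
#   check_signing_config && commit_sig_status HEAD
```

A result of N after a commit means Git did not sign it, which points back to commit.gpgsign or gpg.program.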