Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Configure GPG for Git on Windows

I installed Git for Windows including Git Bash on Windows 10 and Gpg4win. By default, I had to re-import all keys I created via Kleopatra into the GPG version built into the Git Bash, and it won't allow me to setup an agent. What I need to do is to automate singing such that I don't need to enter the password every single time, but rather only the first time in a given period of time. How is that possible?

I tried to follow this tutorial, but gpg2 does not use the correct charset when executed from within Git Bash, so it does not recognize keys which contain non-ASCII characters.

Is there any way to solve this problem? What is the best way to use PGP signing with Git on Windows?

like image 511
just.me Avatar asked Oct 28 '17 17:10

just.me


People also ask

How do I get GPG for Windows?

To install GPG on your computer, first go to the GPG web site http://www.gnupg.org/(en)/download/index.html and download the Windows package. Look for the links that says, "GPG [some version number] compiled for Microsoft Windows." You will need a program that reads Zip files to unpack the compressed file.


2 Answers

Update Oct. 2018, as commented below by PHPirate:

λ git --version
git version 2.19.1.windows.1

λ gpg --version
gpg (GnuPG) 2.2.9-unknown
libgcrypt 1.8.3
Copyright (C) 2018 Free Software Foundation, Inc.

No trace of that update in git-for-windows/git/releases


Original answer (2017): By default, Git for Windows includes a gpg1, not gpg2

vonc@bvonc MINGW64 ~/.ssh
$ gpg --version
gpg (GnuPG) 1.4.21

Using a different gpg is indeed recommended:

git config --global gpg.program "c:/Program Files (x86)/GnuPG/bin/gpg.exe"

Try again with the latest Git for Windows with UTF-8 set in locale.
Try a Git simplified path to rule out any interference from other programs.

like image 151
VonC Avatar answered Oct 17 '22 16:10

VonC


Since (at least) git 2.19.1, git includes gpg2!

That means you are not required to install gpg4win anymore just for git signing. You ask how to setup commit signing such that you only have to enter your passphrase after a certain timeout: gpg-agent can handle that, and I tested that it works with git's gpg (but not with gnupg's gpg). Although it doesn't always work for me, it should work in general.

Below is a short summary of the full instructions I have written down here, assuming you have signing set up:

  1. Make sure you are using git's gpg
  2. Update the cache time, in C:\Users\username\.gnupg\gpg-agent.conf (create the file if it doesn't exist), add default-cache-ttl 34560000 and max-cache-ttl 34560000. These times are in seconds, choose whatever you want.
  3. Restart gpg-agent using gpgconf --kill gpg-agent.
like image 18
PHPirate Avatar answered Oct 17 '22 18:10

PHPirate