Create Export Import SSH and GPG key
/ 3 min read
SSH Key
Create SSH Key
- Generate SSH Key with ed25519 algorithm.
ssh-keygen -t ed25519 -C "johndoe@example.com"
- See the generated key.
cat ~/.ssh/id_ed25519.pub # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIB8J6 "johndoe@example.com"
Export SSH Key
- Export the public key.
cat ~/.ssh/id_ed25519.pub # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIB8J6 "johndoe@example.com"
- Export the private key.
cat ~/.ssh/id_ed25519 # -----BEGIN OPENSSH PRIVATE KEY----- # b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcnNhAAAAAwEAAQAAAYEAq3zvz # ...
- Copy the public key and private key to a safe place.
- Restart the ssh-agent.
killall ssh-agent; eval `ssh-agent`
Import SSH Key
- Create a new file with the name id_ed25519.pub.
- Paste the public key to the file.
- Create a new file with the name id_ed25519.
- Paste the private key to the file.
Config SSH Key
- Add the following configuration to ~/.ssh/config.
Host github.com Hostname github.com User git IdentityFile ~/.ssh/id_ed25519
- Test the ssh connection.
ssh -T git@github.com # Hi johndoe! You've successfully authenticated, but GitHub does not provide shell access.
GPG Key
Create GPG Key
- Generate GPG Key.
gpg --full-generate-key
- List the GPG Key.
gpg --list-secret-keys --keyid-format=long # sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2027-04-10] # uid John Doe <johndoe@example.com> # ssb 4096R/4BB6D45482678BE3 2016-03-10
- Show the public key.
gpg --armor --export 3AA5C34371567BD2 # -----BEGIN PGP PUBLIC KEY BLOCK----- # ...
Export GPG Key
- Export the public key.
gpg --export --export-options backup --output public.gpg johndoe@example.com
- Export the private key.
gpg --export-secret-keys --export-options backup --output private.gpg johndoe@example.com
- Export trust database.
gpg --export-ownertrust > trust.gpg
- List the exported files.
ls -hl *.gpg # -rw-r--r-- 1 johndoe johndoe 1.5K Apr 26 10:00 public.gpg # -rw-r--r-- 1 johndoe johndoe 3.5K Apr 26 10:00 private.gpg # -rw-r--r-- 1 johndoe johndoe 1.0 Apr 26 10:00 trust.gpg
- Copy the exported files to a safe place.
Import GPG Key
- Import the public key.
gpg --import public.gpg
- Import the private key.
gpg --import private.gpg
- Import trust database.
gpg --import-ownertrust trust.gpg
- List the imported keys.
gpg --list-secret-keys --keyid-format=long # sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2027-04-10] # uid John Doe <johndoe@example.com> # ssb 4096R/4BB6D45482678BE3 2016-03-10
Config Git with Signing Key
- Set the GPG Key to git.
git config --global user.signingkey johndoe@example.com
- Set the GPG Program to git. (Windows)
git config --global gpg.program "C:/Program Files (x86)/GnuPG/bin/gpg.exe"
- Set the commit to sign.
git config --global commit.gpgsign true
- Set the tag to sign.
git config --global tag.gpgSign true
- Try to sign the commit.
git commit -S -m "Signed commit"
- Show commit signature
git show --show-signature -1 # gpg: Signature made Sat 27 Apr 2024 06:40:30 AM WIB # gpg: using RSA key XXXXXXXXXXXXXXXXXXXXXXX # gpg: issuer "johndoe@example.com" # gpg: Good signature from "John Dow (johndoe GPG Key) <johndoe@example.com>" [ultimate] # Author: johndoe <johndoe@example.com> # Date: Sat Apr 27 06:40:30 2024 +0700
Referece
- Anonymous - Generating a new SSH key and adding it to the ssh-agent (docs.github.com)
- Joaquim Ley - restart-ssh-gist (gist.github.com)
- Anonymous - Generating a new GPG key (docs.github.com)
- Visual Studio Code - Source Control Tip 19: Signing a commit via GPG (youtube.com)
- Dave McKay - How to Back Up and Restore Your GPG Keys on Linux (howtogeek.com)