Set up a GitHub GPG key (Mac / OS X)

Why use GPG

Install the GPG app

brew install gnupg pinentry-mac

Create the config folder

mkdir -m 700 -p ~/.gnupg

Create the config

echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf

Generate a new GPG key

gpg --full-generate-key
  • ECC (sign only)
  • Curve 25519 default
  • 0 = key does not expire

Enter your user info.
Enter a passphrase if you need one.

Test GPG

echo "test" | gpg --clearsign

Get the key info

gpg --list-secret-keys --keyid-format=long

/Users/{USER_NAME}/.gnupg/pubring.kbx
------------------------------
sec   ed25519/xxxxxxxxxxx 2023-02-23 [SC]
      oooooooooooooooooooooooooooooo
uid                 [ultimate] Cola (github) <[email protected]>

Copy xxxxxxxxxxx; this is the key ID.

Export the public key for GitHub

gpg --armor --export xxxxxxxxxxx

The output of this is your public key block.
Copy this into the Key field on GitHub.
Include the -----BEGIN PGP PUBLIC KEY BLOCK-----
and -----END PGP PUBLIC KEY BLOCK----- in what you paste into GitHub.
Go to GitHub Settings, click Add GPG key, and paste.
(Adding a GPG key to your GitHub account - GitHub Docs)

Setup Git

git config --global user.signingkey xxxxxxxxxxx
git config --global commit.gpgsign true
git config --global tag.gpgSign true
git config --global gpg.program "$(which gpg)"

Check the Git config

git config --global -e
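
A scripted version of the "get key info" and "check Git config" steps, as an added example that is not part of the original page: it reads gpg's machine-readable --with-colons listing instead of copying the key ID by eye, and confirms that the ID stored in user.signingkey belongs to a secret key that can still sign. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that git's user.signingkey names a usable signing key.
# Real use (both commands appear on this page, plus gpg's --with-colons):
#   gpg --list-secret-keys --with-colons |
#     check_signingkey "$(git config --global user.signingkey)"

# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# Every ID, fingerprint and address below is made up.
sample_listing() {
  cat <<'EOF'
sec:u:255:22:1111222233334444:1677110400:::u:::scSC:::+:::ed25519:::0:
fpr:::::::::AAAABBBBCCCCDDDD0000FFFF1111222233334444:
uid:u::::1677110400::0000000000000000000000000000000000000001::Example User (github) <user@example.invalid>::::::::::0:
sec:e:255:22:5555666677778888:1600000000:1631536000::u:::sc:::+:::ed25519:::0:
fpr:::::::::EEEEFFFF00001111222233335555666677778888:
uid:e::::1600000000::0000000000000000000000000000000000000002::Old Key <old@example.invalid>::::::::::0:
sec:u:3072:1:9999AAAABBBBCCCC:1650000000:::u:::cEC:::+:::23::0:
fpr:::::::::1234123412341234123412349999AAAABBBBCCCC:
uid:u::::1650000000::0000000000000000000000000000000000000003::Encrypt Only <enc@example.invalid>::::::::::0:
ssb:u:3072:1:DDDDEEEEFFFF0000:1650000000::::::e:::+:::23:
fpr:::::::::432143214321432143214321DDDDEEEEFFFF0000:
EOF
}

# Print "KEYID FINGERPRINT USER-ID" for each secret key that can still sign.
signing_keys() {
  awk -F: '
    $1 == "sec" {
      # field 2: validity (e=expired, r=revoked, i=invalid, d=disabled)
      # field 12: capabilities; uppercase S = the key as a whole can sign,
      #           D = key disabled
      ok = ($2 !~ /^[erid]$/ && $12 ~ /S/ && $12 !~ /D/)
      id = $5; fpr = ""; next
    }
    $1 == "fpr" && fpr == "" { fpr = $10; next }  # first fpr = primary key
    $1 == "uid" && ok { print id, fpr, $10; ok = 0 }
  '
}

# Exit 0 if $1 (long key ID or fingerprint, optional 0x) is in that list.
check_signingkey() {
  want=$(printf '%s' "$1" | tr 'a-f' 'A-F' | sed 's/^0[xX]//')
  [ -n "$want" ] || return 2
  signing_keys | awk -v w="$want" '
    $1 == w || $2 == w { found = 1 }
    END { exit !found }'
}
```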

Backup GPG key

gpg --output PUB_KEY.gpg --armor --export xxxxxxxxxxx

gpg --output SEC_KEY.gpg --armor --export-secret-key xxxxxxxxxxx