When creating your GPG keys, it is important to set your git config user.email
to be the same as (one of) the emails in your GPG signature. Even though I had my key set up properly, I discovered the git user wasn’t, and the ‘unverified’ button kept popping up. Do that by:
git config --global user.email "your@email.com”
Generally however, I like to set a git user per project: for my work projects I use a different email than my personal projects. GPG allows this by allowing you to add a uid
. The steps to add a second email to your key signature are (source):
gpg --list-secret-keys --keyid-format LONG
to list keys. key-id
is the part that comes after rsa4096/
gpg —edit-key <key-id>
adduid
O
uid <uid>
trust
5
y
save
Your publics key does not change as a result, so you won’t have to upload a new key to Github/Gitlab.