DEV Community

Joel Lau
Joel Lau

Posted on • Edited on

Setting Up Git (Windows)

#git #github #windows #config

In this post, I will run through how to properly set your Windows machine up for use with GitHub. We will install the necessary software, configure SSH for authentication, and GPG to sign off our commits.

Skip to the TL;DR section if you already know what you're doing!

Git

Install git if you haven't already done so.

> winget install Microsoft.Git ; Found Microsoft Git [Microsoft.Git] Version 2.40.1.0.0 This application is licensed to you by its owner. Microsoft is not responsible for, nor does it grant any licenses to, third-party packages. Downloading https://github.com/microsoft/git/releases/download/v2.40.1.vfs.0.0/Git-2.40.1.vfs.0.0-64-bit.exe ██████████████████████████████ 55.2 MB / 55.2 MB Successfully verified installer hash Starting package install... Successfully installed
Enter fullscreen mode Exit fullscreen mode

Verify that the installation is working.

> git --version ; git version 2.40.1.vfs.0.0
Enter fullscreen mode Exit fullscreen mode

SSH

ssh-agent

Verify that the ssh-agent is running. It should have been included with your installation of Git (install Git)

> Get-Service ssh-agent Status Name DisplayName ------ ---- ----------- Running ssh-agent OpenSSH Authentication Agent
Enter fullscreen mode Exit fullscreen mode

In the case that ssh-agent is Stopped or Disabled, follow the advice on this stackoverflow answer to run the following on PowerShell on admin mode.

Get-Service -Name ssh-agent | Set-Service -StartupType Manual
Enter fullscreen mode Exit fullscreen mode

SSH Config

Create an SSH key pair.

Remember to replace your_email@example.com with your own email address!

> ssh-keygen -t ed25519 -C your_email@example.com Generating public/private ed25519 key pair. Enter file in which to save the key (C:\Users\user_name/.ssh/id_ed25519): Created directory 'C:\Users\user_name/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in C:\Users\user_name/.ssh/id_ed25519. Your public key has been saved in C:\Users\user_name/.ssh/id_ed25519.pub. The key fingerprint is: SHA256:JDCPuYyjvbBApibR62OhJcBag/PGLbeunxYYD0BFc+w your_email@example.com The key's randomart image is: +--[ED25519 256]--+ |..o++. | |. oB | |.o + o . | |+o=o E o | |+B+Bo S | |*+Oo= | |**o+ o | |=+o.o. | |..+*+ | +----[SHA256]-----+
Enter fullscreen mode Exit fullscreen mode

Add to ssh-agent. You will need to do this whenever you first start up your computer.

> ssh-add 'C:\Users\user_name\.ssh\id_ed25519' Identity added: C:\Users\user_name\.ssh\id_ed25519 (your_email@example.com)
Enter fullscreen mode Exit fullscreen mode

Show your public key

> cat C:\Users\user_name/.ssh/id_ed25519.pub ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGy2VTtWVdYHlxCfnh8Me3V++wZBBxcnN0QiwkWrFbMX your_email@example.com
Enter fullscreen mode Exit fullscreen mode

Keep the terminal window open, you will need in the next steps.

GitHub Settings

Get to your personal GitHub Key settings by either:

Filled 'Add SSH Key' form on Github

Fill in the form with the necessary information before submitting the form. You should see the new entry on the keys page:

Image description

GPG

Installing

Install GPG if you don't already have it

winget install GnuPG.GnuPG ;
Enter fullscreen mode Exit fullscreen mode

Verify that the GPG is running and that you're running version > 2.

> gpg --version gpg (GnuPG) 2.4.1 libgcrypt 1.10.2 Copyright (C) 2023 g10 Code GmbH License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:\Users\user_name\AppData\Roaming\gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2
Enter fullscreen mode Exit fullscreen mode

GPG Config

Generate a new key by entering gpg --full-generate-key.

I recommend using the default settings by hitting enter at each step and picking a secure password.

> gpg --full-generate-key gpg (GnuPG) 2.4.1; Copyright (C) 2023 g10 Code GmbH This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (9) ECC (sign and encrypt) *default* (10) ECC (sign only) (14) Existing key from card Your selection? Please select which elliptic curve you want: (1) Curve 25519 *default* (4) NIST P-384 (6) Brainpool P-256 Your selection? Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: Joel Lau Email address: your_email@example.com Comment: joel's desktop pc You selected this USER-ID: "Joel Lau (joel's desktop pc) <your_email@example.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: C:\\Users\\user_name\\AppData\\Roaming\\gnupg\\trustdb.gpg: trustdb created gpg: directory 'C:\\Users\\user_name\\AppData\\Roaming\\gnupg\\openpgp-revocs.d' created gpg: revocation certificate stored as 'C:\\Users\\user_name\\AppData\\Roaming\\gnupg\\openpgp-revocs.d\\DD2DB924314496969FFF1FC4FF7A0A2FE0F81BE3.rev' public and secret key created and signed. pub ed25519 2023-05-01 [SC] DD2DB924314496969FFF1FC4FF7A0A2FE0F81BE3 uid Joel Lau (joel's desktop pc) <your_email@example.com> sub cv25519 2023-05-01 [E]
Enter fullscreen mode Exit fullscreen mode

Show the list of keys

> gpg --list-secret-keys --keyid-format=long [keyboxd] --------- sec ed25519/FF7A0A2FE0F81BE3 2023-05-01 [SC] DD2DB924314496969FFF1FC4FF7A0A2FE0F81BE3 uid [ultimate] Joel Lau (joel's desktop pc) <your_email@example.com> ssb cv25519/81D580E5588F5C57 2023-05-01 [E]
Enter fullscreen mode Exit fullscreen mode

Print the key id you'd like to use

the key ID comes after the protocol name (FF7A0A2FE0F81BE3)

> gpg --armor --export KEY_ID_HERE # e.g. gpg --armor --export FF7A0A2FE0F81BE3
Enter fullscreen mode Exit fullscreen mode

Keep the terminal window open, you will need in the next steps.

GitHub Settings

Get to your personal GitHub Key settings by either:

Image description

Fill in the form with the necessary information before submitting the form. You should see the new entry on the keys page:

Image description

Git (Again) 

git config --global user.name "Joel Lau" ; # set user name git config --global user.email your_email@example.com ; # set email address git config --global core.editor "code --wait" ; # set VSCode as default text editor git config --global --unset gpg.format ; # unset any previous GPG configuration git config --global commit.gpgsign true ; # sign all commits using GPG git config --global gpg.program 'C:\Program Files (x86)\gnupg\bin\gpg.exe' # tell git where to find gpg git config --global user.signingkey KEY_ID_HERE ; # set the signing key (replace `KEY_ID_HERE`)
Enter fullscreen mode Exit fullscreen mode

the resulting gitconfig file should look at follows:

[user] email = joel.lau@protonmail.com name = Joel Lau signingkey = 977D5B2A1AA15946 [init] defaultBranch = main [core] editor = code --wait [gpg] program = C:\\Program Files (x86)\\gnupg\\bin\\gpg.exe [commit] gpgsign = true
Enter fullscreen mode Exit fullscreen mode

TL;DR 

# NOTE: remember to use PowerShell on admin # git winget install Microsoft.Git ; # start ssh-agent Get-Service -Name ssh-agent | Set-Service -StartupType Manual ; # create ssh keys - add to https://github.com/settings/keys ssh-keygen -t ed25519 -C "your_email@example.com" # add keys to ssh-agent ssh-add ~/.ssh/id_ed25519 # gpg # NOTE: remember to add 'C:\Program Files (x86)\gnupg\bin' to path winget install GnuPG.GnuPG ; # create gpg keys - add to https://github.com/settings/keys gpg --full-generate-key ; # show list of keys gpg --list-secret-keys --keyid-format=long ; # show key (the text after `sec 4096R/`) gpg --armor --export KEY_ID_HERE # set user name git config --global user.name "Joel Lau" ; # set email address git config --global user.email your_email@example.com ; # set VSCode as default text editor git config --global core.editor "code --wait" ; # unset any previous GPG configuration git config --global --unset gpg.format ; # sign all commits using GPG git config --global commit.gpgsign true ; # tell git where to find gpg git config --global gpg.program 'C:\Program Files (x86)\gnupg\bin\gpg.exe' # set the signing key (replace `KEY_ID_HERE`) git config --global user.signingkey KEY_ID_HERE ;
Enter fullscreen mode Exit fullscreen mode

References

Top comments (0)