Add setup instructions

This commit is contained in:
ardigan6 2022-12-26 18:18:23 -05:00 committed by GitHub
parent 3bd8e3b494
commit 074ff437b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions

28
FAQ.md
View File

@ -1,5 +1,33 @@
# FAQ
## Setup Instructions: Authenticating and Signing Code with git and GitHub
Signing all commits is a good habit, and fairly simple to set up.
### Instructions
After installing Secretive (`brew install secretive`):
1. Generate a new SSH key in the UI
2. Add it to your GitHub account as an Auth **and** a Signing key, i.e. add it twice.
Next, configure your local environment:
3. Configure SSH_AUTH_SOCK: `echo 'export SSH_AUTH_SOCK=/Users/YOUR-ACCOUNT/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh' >> ~/.bashrc` (or whatever shell you use; don't forget to run the export in your current session as well)
4. Copy out the "Public Key Path" in the UI for step 6
5. `git config --global gpg.format ssh`
6. `git config --global user.signingkey /Users/YOU/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/PublicKeys/YOUR.pub`
7. `git config commit.gpgsign true` (sign future commits for this repo) or `git config --global commit.gpgsign true` (all repos)
8. `git config tag.gpgsign true` (sign future tags, `--global` for all repos)
### Troubleshooting
- `kill -HUP <secretive, secretive agent pids>` if you see an "Agent is not running" message in Secretive.
- Copy your pubkey into ~/.ssh/id_ecdsa.pub if the file from step 6 isn't present (`ls` to check)
- Try `git commit -S -m 'message'` if you're not seeing steps 7/8 auto-triggering signing for you.
## FAQs
### How do I import my current SSH keys, or export my Secretive Keys?
The secure enclave doesn't allow import or export of private keys. For any new computer, you should just create a new set of keys. If you're using a smart card, you _might_ be able to export your private key from the vendor's software.