GitHub Account Polishing

January 21st, 2017

After deciding to change my GitHub username to something a little more professional (like my actual name), I figured now would be an excellent time to view any other potential changes I would like to make.

The first change was to actually add my name and add a bio for my profile. I also added a link to this website in the URL.

Next I went about generating a SSH key for committing instead of relying on my username/password.

SSH Keys in GitHub

For generating the SSH key, I chose RSA as the algorithm as well as a 4096 key size.

{% highlight shell %}

ssh-keygen -t rsa -b 4096

{% endhighlight %}

I also added it to my SSH-agent:

{% highlight shell %}

eval "$(ssh-agent -s)"

ssh-add /path/to/key

{% endhighlight %}

GPG Keys

Next I decided I would add a GPG key in order to sign all my release commits for my major projects (Such as DroidMessage).

{% highlight shell %}

gpg --key-gen

gpg --list-secret-keys --keyid-format LONG

gpg --armor --export KEY_ID

{% endhighlight %}

Then I copied the keys and uploaded them both to GitHub.

I also adding my GPG key to git with:

> git config --global user.signingkey KEY_ID

I copied the SSH key generation on all my development machines as well.

Updating Git remote endpoints

Command to update git remote:

> git remote set-url origin git@github.com:<Username>/<Project>.git

Tips for Windows

A way to specify which key file to use for pushing to github:

> ssh-agent bash -c 'ssh-add <keyfile-url>; git push origin master'

Conclusion

With the GPG key I can now sign releases in order to show that the commits were really me.

The SSH keys allow me to avoid using my username/password. Though the process requires a tad more effort, it hopefully shall be worth it.