GitHub Account Polishing
January 21st, 2017
After deciding to change my GitHub username to something a little more professional (like my actual name), I figured now would be an excellent time to view any other potential changes I would like to make.
The first change was to actually add my name and add a bio for my profile. I also added a link to this website in the URL.
Next I went about generating a SSH key for committing instead of relying on my username/password.
SSH Keys in GitHub
For generating the SSH key, I chose RSA as the algorithm as well as a 4096 key size.
{% highlight shell %}
ssh-keygen -t rsa -b 4096
{% endhighlight %}
I also added it to my SSH-agent:
{% highlight shell %}
eval "$(ssh-agent -s)"
ssh-add /path/to/key
{% endhighlight %}
GPG Keys
Next I decided I would add a GPG key in order to sign all my release commits for my major projects (Such as DroidMessage).
{% highlight shell %}
gpg --key-gen
gpg --list-secret-keys --keyid-format LONG
gpg --armor --export KEY_ID
{% endhighlight %}
Then I copied the keys and uploaded them both to GitHub.
I also adding my GPG key to git with:
> git config --global user.signingkey KEY_ID
I copied the SSH key generation on all my development machines as well.
Updating Git remote endpoints
Command to update git remote:
> git remote set-url origin git@github.com:<Username>/<Project>.git
Tips for Windows
A way to specify which key file to use for pushing to github:
> ssh-agent bash -c 'ssh-add <keyfile-url>; git push origin master'
Conclusion
With the GPG key I can now sign releases in order to show that the commits were really me.
The SSH keys allow me to avoid using my username/password. Though the process requires a tad more effort, it hopefully shall be worth it.