gh-gpg-key

List GPG keys in the authorized GitHub account

$ gh gpg-key [[ls|list]]

$ gh gpg-key add [path/to/key_file]

$ gpg [[-a|--armor]] --export [key_id] | gh gpg-key add -

$ gh gpg-key delete [key_id]

gh gpg-key <command> [<flags>]

add
    Adds a GPG public key to your GitHub account.
<flags> include:
  --import-from-gpg: Imports a public key from your local GPG agent, prompting you to choose from available keys.
  --public-key <file>: Reads a GPG public key from the specified file.
  --title <string>: Assigns a descriptive title to the GPG key on GitHub.

delete <id>
    Deletes a GPG public key from your GitHub account. The <id> is the unique identifier of the key, which can be found using the list command.

list
    Lists all GPG public keys currently associated with your GitHub account.
<flags> for output formatting:
  --json <fields>: Outputs in JSON format, allowing you to specify desired fields.
  --jq <query>: Filters and formats JSON output using a jq expression.
  --template <template>: Formats output using a Go template string.

--help
    Displays help information for the gh-gpg-key extension or a specific subcommand.

The gh-gpg-key command, typically invoked as gh gpg-key, is a powerful GitHub CLI extension designed to streamline the management of GPG keys associated with your GitHub account. It provides a convenient command-line interface for tasks such as listing, adding, and deleting GPG keys, eliminating the need to navigate the web interface. This tool is essential for developers who use GPG for signing commits and tags, ensuring the authenticity and integrity of their work on GitHub. By integrating directly with the GitHub CLI, it offers a consistent and efficient workflow for maintaining cryptographic identities, enhancing security practices directly from your terminal.

This command requires the GitHub CLI (gh) to be installed and authenticated to your GitHub account (via gh auth login). For adding keys using --import-from-gpg, you must have gpg configured locally with the desired public key available in your GPG keyring.

To use gh-gpg-key, you first need to install it as a GitHub CLI extension. This can typically be done using the command:
gh extension install cli/gh-gpg-key
After installation, the command becomes available as gh gpg-key.

Before using gh gpg-key to manage your GPG keys on GitHub, ensure you are logged into the GitHub CLI by running gh auth login. This command requires authenticated access to your GitHub account to perform key management operations.

As a GitHub CLI extension, gh-gpg-key is part of the modern gh ecosystem, developed to extend the core CLI's functionality. Its development aligns with GitHub's efforts to provide comprehensive command-line tooling for managing various aspects of a developer's GitHub presence, including GPG key management for commit and tag signing verification. It leverages the extensibility features of the gh CLI to provide a focused utility.

gh(1), git(1), gpg(1)