gh-gpg-key

List GPG keys in the authorized GitHub account

$ gh gpg-key [[ls|list]]

$ gh gpg-key add [path/to/key_file]

$ gpg [[-a|--armor]] --export [key_id] | gh gpg-key add -

$ gh gpg-key delete [key_id]

gh gpg-key list [--show-public-key]
gh gpg-key add [<keyfile>]

list
    List fingerprints of GPG keys on your GitHub account

--show-public-key
    Display full public keys instead of fingerprints

add
    Add an ASCII-armored GPG public key to your account

<keyfile>
    Optional path to ASCII-armored public key file (reads from stdin if omitted)

The gh gpg-key command, part of the GitHub CLI (gh), enables management of GPG keys linked to your GitHub account directly from the terminal. GPG (GNU Privacy Guard) keys verify commit signatures, ensuring the authenticity of contributions on GitHub.

Primary subcommands are list and add. Use gh gpg-key list to view fingerprints or full public keys of associated keys. The add subcommand uploads a new public key in ASCII-armored format, either from a file or stdin—for example, piping output from gpg --armor --export.

This tool streamlines workflows for developers using GPG-signed commits, eliminating the need for the GitHub web UI. It requires prior authentication via gh auth login and works with personal or organization accounts (with -R flag for orgs). Keys must be valid and not expired for successful verification on GitHub.

Ideal for CI/CD pipelines or local setups, it integrates seamlessly with Git for signed pushes.

Requires gh auth login. Accepts only ASCII-armored public keys. No remove/delete subcommand; use GitHub UI. Key must be valid for commit verification.

gh gpg-key list
gh gpg-key list --show-public-key
gpg --armor --export user@example.com | gh gpg-key add
gh gpg-key add ~/pubkey.asc

Export public key with gpg --armor --export KEYID or gpg --armor --export email@domain.

Introduced in GitHub CLI v0.11.0 (June 2020) to expand key management alongside SSH keys.

gh ssh-key(1), gpg(1)