> For the complete documentation index, see [llms.txt](https://yubico.gitbook.io/yubikey5/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://yubico.gitbook.io/yubikey5/tutorials/github-desktop.md).
# Github Desktop
{% hint style="info" %}
This tutorial requires one device of any in the following categories:
* [x] [YubiKey 5 Series](https://www.yubico.com/store/#yubikey-5-series)
* [x] [YubiKey 5 FIPs Series](https://www.yubico.com/store/#yubikey-5-fips-series)
{% endhint %}
This tutorial requires the following software to be installed:
## ❊ Why Sign Commits?
Code and commit signing does two things: it confirms who the author of the software is and proves that the code has not been altered or tampered with after it was signed. Both are extremely important for building trust from customers and safely distributing your software.
## ❊ Install Github Desktop
Github Desktop is a fairly straight-forward install. Download the program and then do a typical install.
## ❊ Install Git (bash)
Proceed to download and start the installation for Git.
The list of options above depends on your preferences. If you are unsure of what some of these do, you can just leave them checked.
On the next screen, Git is going to start asking a few customization options such as which editor you wish to use:
I have selected Visual Studio Code, but you can select whichever one you like. If you don't have an editor installed, then you can select **Notepad**.
For the next section, you will be asked if you would like Git to name the initial branch after \`**`git init`**\`. You can select **Let Git Decide****.**
The next section will ask how you're using Git from the command-line.
It's best to choose the Recommended option: **Git from the command-line and also from 3rd-party-software**.
This next section asks about your choice in SSH client. The answer to this question is going to vary depending on your needs. If you are unsure, select **Use Bundled OpenSSH****.**
For HTTPS transport backend, you can select **Use the OpenSSL Library**.
For line-ending conversions; if you see an option that fits you specifically, then choose your best option. If you are unsure, select **Checkout Windows-style commit Unix-style line endings****.**
Next, select **Use MinTTY****.**
Select **Default (fast-forward or merge)****.**
Select **Git Credential Manager**
Select **Enable file system caching** (unless you need symbolic links as well).
And FINALLY... select to enable any of the options above. Or you can leave them off.
After you've gone through that endless round of button smasher, press 
Once installation has finished, we'll uncheck both options so that we can do the next step:
Once you press , move on to the next section.
## ❊ Setting Environment Variables
During the installation of Git, one of the questions asked was how you want Git to manage Environment variables.
We are going to now look at your environment variables and confirm Git did indeed add them.
Click  and type **Environment**.
The option **Edit the system environment variables** should appear.
Once the dialog box appears on the **Advanced** tab, at the bottom, click 
You should see two separate boxes labeled **USER VARIABLES** and **SYSTEM VARIABLES**.
In the **System Variables** box, locate the line which defines **Path**.
Highlight the **Path** line and then click 
Read through the list of variables on each line and find one of the two mentioned here:
* **`C:\Program Files\Git\cmd`**
* **`C:\Program Files\Git\bin`**
The drive letter C: will be different for you if you told Git to install to a different drive.
If you see the above paths in your list of system environment variables, youc an close that window. However, if you do not, then you'll need to manually add them.
Select  on the right hand side of the new dialog window.
You will notice a box open up at the very bottom of the window where you can type.
In the box, enter **`C:\Program Files\Git\cmd`**
Once you enter the path to Git's bin folder, you can click 
You have now created a System Environment Variable which will become extremely useful.
To test if it works, open Command Prompt, Terminal, or Powershell in a new window. You should start in your user's home folder which is C:\Users\yourusername.
Once you have one of the above opened, type the command:
```
git --version
```
You should receive a response back which shows the current version of Git installed on your system.
## ❊ Generating GPG Keys
The next step is to generate actual GPG keys that you'll import onto your Yubikey and link to your Git software.
There are several ways to generate GPG keys. Select your desired method below:
Allows you to export your private key and import it into multiple Yubikeys.
Once you have completed one of the guides above and have your GPG keys successfully imported to your Yubikey, please continue below:
## ❊ Import GPG key to Github
Sign into your [**Github.com**](https://github.com/) account.
Open the menu to the top right, and select **`Settings`**.
Then migrate to **`SSH and GPG Keys`**
For a direct link, login to Github and view the [**Github SSH / GPG Keys**](https://github.com/settings/keys) page.
In the middle of the page, locate the **`GPG Keys`** section:
On the right, select 
Select a name / title for your GPG key.
For the Key field, it is requesting the GPG Public Key you generated when your keys for first made.
If you are unsure of how to obtain your GPG Public Key:
*  [**Exporting Public Key with Kleopatra Application**](/yubikey5/gpg/generate-keys/with-kleopatra.md#public-keys)
*  [**Exporting Public Key with GPG Command-line**](/yubikey5/gpg/generate-keys/with-commandline.md#public-key)
Once you export your Public Key, locate the file:
Open this file in **Notepad** or some other text editor:
This large string of text is your **`PGP Public Key Block`**, which you need to copy, and then paste in the field box on Github.
Once you paste, click 
You will be redirected back to the GPG page of Github:
As you can see in the screenshot, it's advised that you create a GPG key with the same email address associated to your Github. But this is OK for our demo.
Next, we will add our keys to Git Bash / Github Desktop.
## ❊ Git Bash / Github Desktop
We now need to tell Git bash and Github Desktop to use a key when signing commits. For reference, the commands you are going to enter below are all saved to the file:
**`C:\Users\yourusername\.gitconfig`**
Open **Command Prompt**, **Terminal**, or **Powershell**.
Execute the following command:
```powershell
git config --global commit.gpgsign true
```
Next, we will specify our **`Key ID`****` ``--`** this is listed on the Github page:
```powershell
git config --global user.signingkey BB6E1E562FFFD354
```
Finally, we need to tell Git where we have GPG installed. Your path may be different depending on your installation method:
```powershell
git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"
```
## ❊ Testing Commits
Load up Github Desktop and make a change to one of your repos.
Once you are ready, commit your changes and within a few seconds you should get a dialog asking for your GPG PIN:
Once you enter your PIN, the process should continue as it normally does and allow you to push your changes.
Git bash should work the same way when executing the command to commit.
Since most software uses the Git library, you will also be asked for a PIN when you sign commits using Visual Studio Code's git plugin.
When you view your list of commits on the repo, you should see a **`Verified`** tag to the right of the commit.
If you do not use the same email address as your Github for your GPG key, you will see an **`Unverified`** tag.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://yubico.gitbook.io/yubikey5/tutorials/github-desktop.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.