Adding a new GPG key to your GitHub account

Before adding a new GPG key to your GitHub account, you should have:

• Checked for existing GPG keys
• Generated and copied a new GPG key

Supported GPG key algorithms

GitHub supports several GPG key algorithms. If you try to add a key generated with an unsupported algorithm, you may encounter an error.

• RSA
• ElGamal
• DSA
• ECDH
• ECDSA
• EdDSA

When verifying a signature, we extract the signature and attempt to parse its key-id. We match the key-id with keys uploaded to GitHub. Until you upload your GPG key to GitHub, we cannot verify your signatures.

Adding a GPG key

1. In the upper-right corner of any page, click your profile photo, then click Settings.
2. In the user settings sidebar, click SSH and GPG keys.
3. Click New GPG key.
4. In the "Key" field, paste the GPG key you copied when you generated your GPG key.
5. Click Add GPG key.
6. To confirm the action, enter your GitHub password.

Further reading

• "Checking for existing GPG keys"
• "Generating a new GPG key"
• "Telling Git about your signing key"
• "Associating an email with your GPG key"
• "Signing commits and tags using GPG keys"