Signing git commits in WSL2 (with PHPStorm)

Philipp Scheit
2 min read · Apr 17, 2024


You can choose to sign your commits with GPG, but there is a much easier way now.
Switch to an SSH ed25519 key. You can use this key to sign your commits as well as to log in to your servers. It’s really fine to rotate your SSH key from time to time. If you don’t have an ed25519 key, create one now; it’s really worth it.

Sign commits with an SSH ed25519 key

Configure git to sign with the SSH key.
Check if your ssh agent knows the key and is able to support the key for signing.
To work around an issue with PHPStorm, create a wrapper around git, like this:

#!/usr/bin/env bash

SSH_AUTH_SOCK=/path/to/my/ssh-agent.sock /usr/bin/git "$@"

You are probably using keychain from Gentoo as a package in WSL2 to run your ssh-agent, because someone told you so?

Then this becomes a lot easier:

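#!/usr/bin/env bash

# Load the agent environment (SSH_AUTH_SOCK etc.) that keychain wrote for this host.
source "$HOME/.keychain/$HOSTNAME-sh"

# Hand all arguments through to the real git.
/usr/bin/git "$@"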

Then go to PHPStorm and use this wrapper instead of your git from WSL2 (Settings -> Version Control -> Git):

Use the wrapper around git to use your ssh agent

That way you don’t have to supply the passphrase for your SSH key all the time.

That’s it!
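The first two steps above (configure git, then check the agent) can be scripted as follows. This is an added example, not part of the original post; the key path ~/.ssh/id_ed25519.pub and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Assumption: the signing key pair is ~/.ssh/id_ed25519(.pub).

# Return 0 if the public key in $1 (type + base64 blob, comment ignored)
# appears in the `ssh-add -L` style listing in $2; 2 if $1 is malformed.
key_in_listing() {
    local want_type want_blob type blob _rest
    read -r want_type want_blob _rest <<EOF
$1
EOF
    [ -n "$want_blob" ] || return 2
    while read -r type blob _rest; do
        if [ "$type" = "$want_type" ] && [ "$blob" = "$want_blob" ]; then
            return 0
        fi
    done <<EOF
$2
EOF
    return 1
}

# Point git at the SSH public key and sign every commit by default.
configure_ssh_signing() {
    local pub="${1:-$HOME/.ssh/id_ed25519.pub}"
    git config --global gpg.format ssh
    git config --global user.signingkey "$pub"
    git config --global commit.gpgsign true
}

# Confirm the agent behind SSH_AUTH_SOCK actually holds the signing key.
check_agent_has_signing_key() {
    local pub="${1:-$HOME/.ssh/id_ed25519.pub}" listing
    [ -r "$pub" ] || { echo "public key not readable: $pub" >&2; return 2; }
    # ssh-add -L fails when no agent is reachable or the agent is empty.
    listing="$(ssh-add -L 2>/dev/null)" || {
        echo "no agent or no keys (SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-unset})" >&2
        return 1
    }
    if key_in_listing "$(cat "$pub")" "$listing"; then
        echo "agent holds $pub; git can sign without prompting"
    else
        echo "agent does not hold $pub; run: ssh-add ${pub%.pub}" >&2
        return 1
    fi
}

# Usage: configure_ssh_signing && check_agent_has_signing_key
```

Run the check with the same SSH_AUTH_SOCK that the wrapper sets, since that is the agent PHPStorm's git will talk to.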

Sign commits with GPG

Install git+gpg on WSL2. (Create your GPG keys)
Install Gpg4win on Windows.

Let PHPStorm use the git installed in WSL2

Write this into ~/.gnupg/gpg-agent.conf (create the file if it does not exist):

pinentry-program "/mnt/c/Program Files (x86)/Gpg4win/bin/pinentry.exe"

Then reload the gpg agent

gpg-connect-agent reloadagent /bye
