From 0c30e143bf41f5bbbe295abdd0cb5bad9f5da9f6 Mon Sep 17 00:00:00 2001
From: Matt Borja <me@mattborja.dev>
Date: Mon, 5 May 2025 04:31:46 +0000
Subject: [PATCH] Update instructions for commit signing

- Using a SSH key for signing
- Snippet demonstrating configuring the Git user identity
- Enabling commit and tag signing by default
---
 README.md | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 0f19ad8..08af0dd 100644
--- a/README.md
+++ b/README.md
@@ -1663,15 +1663,32 @@ The path must be set according to `gpgconf --list-dirs agent-ssh-socket` on *rem
 
 YubiKey can be used to sign commits and tags, and authenticate SSH to GitHub when configured in [Settings](https://github.com/settings/keys).
 
-Configure a signing key:
+Configure the signing key:
 
 ```console
 git config --global user.signingkey $KEYID
 ```
 
-Configure the `user.email` option to match the email address associated with the PGP identity.
+Alternatively, if you are using the aforementioned `IdentityFile` (SSH key) for signing:
 
-To sign commits or tags, use the `-S` option.
+```console
+git config --global gpg.format ssh
+git config --global user.signingkey ~/.ssh/id_rsa_yubikey.pub
+```
+
+Configure the `user.name` and `user.email` option to match the email address associated with the PGP identity:
+
+```console
+git config --global user.name 'YubiKey User'
+git config --global user.email yubikey@example
+```
+
+To sign commits or tags, use the `-S` option, or consider enabling commit and tag signing by default:
+
+```console
+git config --global commit.gpgsign true
+git config --global tag.gpgSign true
+```
 
 **Windows**