diff --git a/git/.gitconfig b/git/.gitconfig
index fc266ec..4d6b483 100644
--- a/git/.gitconfig
+++ b/git/.gitconfig
@@ -43,3 +43,5 @@
 	instructionFormat = "(%an <%ae>) %s"
 [status]
 	showUntrackedFiles = all
+[commit]
+	gpgSign = true
diff --git a/gnupg/.gnupg/gpg-agent.conf b/gnupg/.gnupg/gpg-agent.conf
new file mode 100644
index 0000000..9e243d6
--- /dev/null
+++ b/gnupg/.gnupg/gpg-agent.conf
@@ -0,0 +1,3 @@
+enable-ssh-support
+default-cache-ttl-ssh 3600
+max-cache-ttl-ssh 3600
diff --git a/gnupg/.gnupg/gpg.conf b/gnupg/.gnupg/gpg.conf
new file mode 100644
index 0000000..b695a44
--- /dev/null
+++ b/gnupg/.gnupg/gpg.conf
@@ -0,0 +1,46 @@
+# https://github.com/drduh/config/blob/master/gpg.conf
+# https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
+# https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
+# As explained in https://illuad.fr/2020/10/06/build-an-openpgp-key-based-on-ecc.html
+# Use AES256, 192, or 128 as cipher
+personal-cipher-preferences AES256 AES192 AES
+# Use SHA512, 384, or 256 as digest
+personal-digest-preferences SHA512 SHA384 SHA256
+# Use ZLIB, BZIP2, ZIP, or no compression
+personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
+# Default preferences for new keys
+default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
+# SHA512 as digest to sign keys
+cert-digest-algo SHA512
+# SHA512 as digest for symmetric ops
+s2k-digest-algo SHA512
+# AES256 as cipher for symmetric ops
+s2k-cipher-algo AES256
+# UTF-8 support for compatibility
+charset utf-8
+# Show Unix timestamps
+fixed-list-mode
+# No comments in signature
+no-comments
+# No version in output
+no-emit-version
+# Disable banner
+no-greeting
+# Long hexidecimal key format
+keyid-format 0xlong
+# Display UID validity
+list-options show-uid-validity
+verify-options show-uid-validity
+# Display all keys and their fingerprints
+with-fingerprint
+# Display key origins and updates
+#with-key-origin
+# Cross-certify subkeys are present and valid
+require-cross-certification
+# Disable caching of passphrase for symmetrical ops
+no-symkey-cache
+# Disable recipient key ID in messages
+throw-keyids
+# Enable smartcard
+use-agent
+