Git error - gpg failed to sign data
Git needs to know which key it is signing with.
After you have setup GPG, gpg-agent, and your gpg.conf files (see this guide), you need to run
git config --global user.signingKey EB11C755
Obviously, replace the public key at the end with your own. If you want every commit to be signed by default, use
git config --global commit.gpgsign true
$ gpg2 -K --keyid-format SHORT # <-- Shows your keys, e.g.:
/home/<username>/.gnupg/pubring.kbx
-------------------------------
sec rsa4096/0754B01E 2019-02-02 [SCA] <--secret key
C396BF3771782D7691B0641145E11B080754B01E
uid [ultimate] John Doe <[email protected]>
ssb rsa4096/A20AB8EC 2019-02-02 [E] <--public key
sec rsa4096/25C504D5 2019-02-02 [SCA] [revoked: 2020-06-01]
08BFF49B9E07E4B4B0C4946B645B6C1425C504D5
uid [ revoked] John Doe <[email protected]>
uid [ revoked] [jpeg image of size 2670]
Where A20AB8EC is the key ID you're looking for from this example.
For troubleshooting, two things to first try:
- run
gpg --version, and make sure you have GnuPG version 2+ (not version 1) installed - run
echo "test" | gpg --clearsign, to make suregpgitself is working
If that all looks all right, one next thing to try:
- run
brew install pinentryto ensure you have a good tool installed for passphrase entry
If after that install, you re-try git commit and still get a "failed to sign the data" error, do:
- run
gpgconf --kill gpg-agentto kill any running agent that might be hung
Otherwise, some basic steps to run to check you’ve got a working GnuPG environment:
- run
gpg -K --keyid-format SHORT, to check that you have at least one key pair
If the output of that shows you have no secret key for GnuPG to use, you need to create one:
- run
gpg --gen-key, to have GnuPG walk you through the steps for creating a key pair
If you get an error message saying “Inappropriate ioctl for device”, do this:
- run
export GPG_TTY=$(tty)and/or add that to your~/.bashrcor˜/.bash_profile
I am using it. It has support for zsh and works on Windows Subsystem for Linux:
export GPG_TTY=$(tty)
Other users have confirmed that above is the only change required for MacOS (e.g. Catalina 10.15.7). For Macs add above to ~/.zshrc.
Proved to work also in Linux containers in Windows with WSL2.