Git error - gpg failed to sign data
For troubleshooting, two things to first try:
- run
git config --global gpg.program gpg2
, to make sure git usesgpg2
and notgpg
- run
echo "test" | gpg2 --clearsign
, to make suregpg2
itself is working
If that all looks all right, one next thing to try:
- run
brew install pinentry
to ensure you have a good tool installed for passphrase entry
If after that install, you re-try git commit
and still get a "failed to sign the data
" error, do:
- run
gpgconf --kill gpg-agent
to kill any running agent that might be hung
If that says gpgconf
isn’t installed or doesn’t have a --kill
option, you might try this:
-
cp ~/.gnupg ~/.gnupg-GOOD
to save a copy of your~/.gnupg
to revert to later if needed -
brew install gnupg21
to install GnuPG 2.1
The reason for saving a copy of your ~/.gnupg
dir is, GnuPG 2.1 potentially creates/changes some key data in way that isn’t backward-compatible with GnuPG 2.0 and earlier, so if you want to go back later, you can do mv ~/.gnupg ~/.gnupg21 && mv ~/.gnupg-GOOD ~/.gnupg
.
Otherwise, some basic steps to run to check you’ve got a working GnuPG environment:
- run
gpg2 -K --keyid-format SHORT
, to check that you have at least one key pair
If the output of that shows you have no secret key for GnuPG to use, you need to create one:
- run
gpg2 --gen-key
, to have GnuPG walk you through the steps for creating a key pair
If you get an error message saying “Inappropriate ioctl for device”, do this:
- run
export GPG_TTY=$(tty)
and/or add that to your~/.bashrc
or˜/.bash_profile
Git needs to know which key it is signing with.
After you have setup GPG, gpg-agent, and your gpg.conf files (see this guide), you need to run
git config --global user.signingKey EB11C755
Obviously, replace the public key at the end with your own. If you want every commit to be signed by default, use
git config --global commit.gpgsign true
$ gpg2 -K --keyid-format SHORT # <-- Shows your keys, e.g.:
/home/<username>/.gnupg/pubring.kbx
-------------------------------
sec rsa4096/0754B01E 2019-02-02 [SCA] <--secret key
C396BF3771782D7691B0641145E11B080754B01E
uid [ultimate] John Doe <[email protected]>
ssb rsa4096/A20AB8EC 2019-02-02 [E] <--public key
sec rsa4096/25C504D5 2019-02-02 [SCA] [revoked: 2020-06-01]
08BFF49B9E07E4B4B0C4946B645B6C1425C504D5
uid [ revoked] John Doe <[email protected]>
uid [ revoked] [jpeg image of size 2670]
Where A20AB8EC
is the key ID you're looking for from this example.