问题
I just started using git and I install git and gpg via homebrew.
For some reason, I get this error when i do git commit
I looked at so many other stackoverflow questions regarding this topic and none of them worked for me.
How can I fix this error so that I can upload successfully.
error: gpg failed to sign the data
fatal: failed to write commit object
回答1:
For troubleshooting, two things to first try:
- run
git config --global gpg.program gpg2, to make sure git usesgpg2and notgpg - run
echo "test" | gpg2 --clearsign, to make suregpg2itself is working
If that all looks all right, one next thing to try:
- run
brew install pinentryto ensure you have a good tool installed for passphrase entry
If after that install and you re-try git commit and still get the "failed to sign the data" error:
- run
gpgconf --kill gpg-agentto kill any running agent that might be hung
If that says gpgconf isn’t installed or doesn’t have a --kill option, you might try this:
cp ~/.gnupg ~/.gnupg-GOODto save a copy of your~/.gnupgto revert to later if neededbrew install gnupg21to install GnuPG 2.1
The reason for saving a copy of your ~/.gnupg dir is that GnuPG 2.1 potentially creates/changes some key data in way that isn’t backward-compatible with GnuPG 2.0 and earlier, so if you want to go back later, you can do mv ~/.gnupg ~/.gnupg21 && mv ~/.gnupg-GOOD ~/.gnupg.
Otherwise there are some basic steps to run to check you’ve got a working GnuPG environment:
- run
gpg2 -K --keyid-format SHORT, to check that you have at least one key pair
If the output of that shows you have no secret key for GnuPG to use, then you need to create one:
- run
gpg2 --gen-key, to have GnuPG walk you through the steps for creating a key pair
If you get an error message saying “Inappropriate ioctl for device”, do this:
- run
export GPG_TTY=$(tty)and/or add that to your~/.bashrcor˜/.bash_profile
回答2:
Git needs to know which key it is signing with.
After you have setup GPG, gpg-agent, and your gpg.conf files (see this guide), you need to run
git config --global user.signingkey EB11C755
Obviously, replace the public key at the end with your own. If you want every commit to be signed by default, use
git config --global commit.gpgsign true
回答3:
Somehow your git is configured to GPG sign every commit. Signing with GPG isn't required to commit or push using git. It's likely giving the error because your gpg signing mechanism isn't configured yet.
If you're new to git, try to get it working first without GPG signing at first, then add signing in later if you really need it.
You can verify how your git is configured with regards to gpg by doing:
git config -l | grep gpg
Which may produce zero or more lines, including:
commit.gpgsign=true
If "commit.gpgsign" is true, then you have gpg signing enabled. Disable it with:
git config --global --unset commit.gpgsign
Then try to run your commit again. It should now run without gpg signing. After you get the basic git working, then you should try adding gpg signing back to the mix.
回答4:
Refer to @sideshowbarker, and @Xavier Ho solution, I solved my problem via following steps.
Assume gpg2 installed by brew,
git config --global gpg.program gpg2
brew install pinentry
gpgconf --kill gpg-agent
gpg2 -K --keyid-format SHORT
// no key found then generate new one
gpg2 --gen-key
gpg2 -K --keyid-format SHORT
.../.gnupg/pubring.gpg
sec rsa2048/0A61C6FC 2017-06-29 [SC] [expires: 2019-06-29]
git config --global user.signingkey 0A61C6FC
Reminded by my colleague, need to append
export GPG_TTY=$(tty)
to ~/.zshrc if using zsh, else append to ~/.bash_profile
For macOS,
the gpg2 is combined with gpg in brew and hence the gpg command is pointed to gpg2
brew install gpg2
brew info gpg
gnupg: stable 2.2.6 (bottled)
git config --global gpg.program gpg
gpg -K --keyid-format SHORT
and there has pinentry-mac for passphrase entry
brew install pinentry-mac
vim ~/.gnupg/gpg-agent.conf
Add line
pinentry-program /usr/local/bin/pinentry-mac
回答5:
I am using it. It has support for zsha and works on Windows Subsystem for Linux:
export GPG_TTY=$(tty)
回答6:
Check for your key to be expired. Once you fix the expiration date (no need to create a new key unless you want to), git will work as normal.
One way to fix the expired key:
(Note: $ represents command line prompt, type the commands after the prompt; press Enter after each command)
$ gpg2 --list-keys to find the appropriate key id (characters after \ on pub line)
$ gpg2 --edit-key <key id> - this opens the gpg shell, with prompt changed to gpg>
gpg> expire - follow instructions to set new expiration date for primary key
Next, if there are subkeys that are expired (sub shows on the line), reset their expiration dates, too:
gpg> key 1 - selects first subkey
gpg> expire - follow instructions to set new expiration date for subkey
Repeat for each subsequent subkey, as needed.
回答7:
This worked for me on ubuntu 18.04
Check your gpg key
gpg -K --keyid-format LONG
if you get a blank response ,generate a GPG key
gpg --generate-key
rerun the first command, you should get an output as:
sec rsa3072/95A854E0593B3214 2019-05-06 [SC] [expires: 2021-05-05]
AF2F7514568DC26B0EB97B9595A854E0593B74D8
uid [ultimate] yourname<your_email>
ssb rsa3072/EFD326E6C611117C 2019-05-06 [E] [expires: 2021-05-05]
set git singing key
git config --global user.singingkey 95A854E0593B3214
then you are good to go! (--global is optional)
Alternatively if you dont mind signing with your ssh key
git config commit.gpgsign false
note that this is not recommended due to a security issue according to this question here and here
回答8:
I experienced this problem after upgrading to gnupg 2.x. It would seen that gpg2 is referencing keys differently: I still had signingkey = ABC98F11 (gpg v1 setting) in my ~/.gitconfig. The key identifiers for gpg2 are longer. Look them up with gpg --list-secret-keys
回答9:
This error can also occur when your GPG key has expired. Generating a new key and adding it to Git should resolve this.
回答10:
May be your Git config was set gpgsign = true. Try to set it to false if you dont want asign your commits. Go to your repository folder and change the file
nano .git/config
From this...
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = git@bitbucket.org:yourrepo/project.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
[user]
signingkey = <GPG-KEY>
[commit]
gpgsign = true
To this...
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = git@bitbucket.org:yourrepo/project.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
[user]
signingkey = <GPG-KEY>
[commit]
gpgsign = false
回答11:
I had made a git key with 3 separate keys for certify / sign / encrypt & the key showed as expired in the future (after working fine for a few days):
pub rsa4096/4CD1E9DA 2017-04-26 [C] [expired: 2017-04-28]
Key fingerprint = 4670 59C1 7592 08B8 7FA5 313B 2A42 B6A6 4CD1 E9DA
uid [ expired] Stuart Cardall (GIT Development Keys) <xxxxxx>
sub rsa4096/5195E715 2017-04-26 [E] [expired: 2019-04-26]
sub rsa4096/DB74C297 2017-04-26 [S] [expired: 2019-04-26]
sub rsa2048/A3913A3C 2017-04-28 [] [expired: never ]
made a new key without adding separate subkeys to solve the problem.
回答12:
For me this error started to occur with git tag -s on Debian GNU/Linux when I switched from pinentry-gnome3 to pinentry-curses (using update-alternatives --config pinentry) for easier remote access. It only occurred with git tag -s, not with gpg (e.g. gpg --clearsign) itself.
The sole change necessary to get it working again in this case was to add export GPG_TTY=$(tty) to my shell startup files.
I though didn't get the “Inappropriate ioctl for device” error message mentioned as indicator for this fix in another answer to this question.
Note: Since the cause for getting this error was a completely different one than for those who suggested export GPG_TTY=$(tty) before (usually as a side hint) in other answers to this question, I decided this question needs another answer which mentions that export GPG_TTY=$(tty) may be the main fix and sole thing necessary in some cases.
回答13:
I had to fix the gpg.program to the absolute path to gpg:
git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"
I am using Windows with cygwin.
回答14:
I solved the problem installing brew install gpg2 then doing git config --global gpg.program gpg2
回答15:
This will help you to get rid of it
git config commit.gpgsign false
来源:https://stackoverflow.com/questions/41052538/git-error-gpg-failed-to-sign-data