16

I was trying to sign my commits with the command git commit -S but it fails without prompting my passphrase for my GPG key.

The error is:

error: gpg failed to sign the data
fatal: failed to write commit object

I noticed that if I run the following command before git commit -S:

gpg -o /dev/null --local-user MY_KEY_ID -as <(echo 1234) && echo "The correct passphrase was entered for this key"

...everything works well and my commits are properly signed. I think it's because my passphrase is cached but this is not the behaviour that I expect.

I was hoping that Git would prompt for my passphrase everytime I want to sign commits or tags.

The command to "unlock my key" was found on this question: How to use gpg command-line to check passphrase is correct

Ronan Boiteau
  • 9,608
  • 6
  • 34
  • 56
Oscar
  • 1,071
  • 13
  • 26

2 Answers2

16

You likely need to tell pinentry, the software gpg uses to prompt for your password, where to prompt you.

export GPG_TTY=$(tty)
git commit -S

If this works I would recommend exporting GPG_TTY in your shell's 'rc' file.

gpg-agent documentation regarding GPG_TTY

Ronan Boiteau
  • 9,608
  • 6
  • 34
  • 56
Max Friederichs
  • 569
  • 3
  • 13
  • 3
    It works like a charm, have you some documentation that i've missed about this ? – Oscar Apr 03 '18 at 19:15
  • 2
    Edited my answer to add some gpg documentation. Actually, I had this same problem while setting up signed commits for my git profile. It doesn't seem to be documented very well from the git side. – Max Friederichs Apr 03 '18 at 19:28
  • This solution also works if you're getting this error when you login to a machine via SSH that you usually access via a keyboard/mouse with a GUI - e.g. Ubuntu Desktop (20.04 in my case). – starbeamrainbowlabs May 28 '21 at 13:56
0

For me, unsetting and setting again the signing key worked like a charm.

This works either if you are changing the signing key for another one or git suddenly stopped prompting for the passphrase.

// remove signing key
git config --unset user.signingkey

// add new signing key
git config user.signingkey SECRETKEYLONGID

// tell git to automatically sign every commit
git config commit.gpgsign true

// commit as usual
git commit -m "commit message"

Git explains hot to get the signing key long ID.

That's it!. I hope it comes handy.

mbastidasluis
  • 39
  • 1
  • 7