How to set up git to use the GPG Suite

GPG and git on macOS

Setup

No need for homebrew or anything like that. Works with https://www.git-tower.com and the command line.

  1. Install https://gpgtools.org -- I'd suggest doing a customized install and deselecting GPGMail.
  2. Create or import a key -- see below for https://keybase.io
  3. Run gpg --list-secret-keys and look for sec; use the key ID for the next step
  4. Configure git to use GPG -- replace the key with the one from gpg --list-secret-keys

         git config --global gpg.program /usr/local/MacGPG2/bin/gpg2
         git config --global user.signingkey A6B167E1
         git config --global commit.gpgsign true

  5. Optionally configure annotated tags to be GPG signed

         git config --global tag.forceSignAnnotated true

  6. Add this line to ~/.gnupg/gpg-agent.conf

         pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac

  7. Add this line to ~/.gnupg/gpg.conf

         no-tty
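
The script below audits the settings from the steps above, as an added example that is not part of the original gist. The helper names (conf_value, check_program, audit_gpg_setup) are hypothetical, and the paths it reads are the ones given on this page.

```shell
#!/bin/sh
# Added example (not part of the gist): audit the settings from the steps above.
# conf_value, check_program and audit_gpg_setup are hypothetical helper names.

# conf_value FILE KEY: print the value of the last "KEY value" line in FILE.
conf_value() {
    [ -r "$1" ] || return 1
    awk -v k="$2" '$1 == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0; found = 1 }
                   END { if (!found) exit 1; print v }' "$1"
}

# check_program PATH: succeed only for an absolute path to an executable file,
# so a different gpg earlier in $PATH can never be picked up instead.
check_program() {
    case "$1" in /*) ;; *) return 1 ;; esac
    [ -f "$1" ] && [ -x "$1" ]
}

# audit_gpg_setup GPG_PROGRAM GNUPG_HOME: print findings; return their count.
audit_gpg_setup() {
    problems=0
    if ! check_program "$1"; then
        echo "gpg.program is not an absolute path to an executable: '$1'"
        problems=$((problems + 1))
    fi
    pinentry=$(conf_value "$2/gpg-agent.conf" pinentry-program) || pinentry=""
    if ! check_program "$pinentry"; then
        echo "pinentry-program missing or not executable: '$pinentry'"
        problems=$((problems + 1))
    fi
    if ! grep -q '^[[:space:]]*no-tty[[:space:]]*$' "$2/gpg.conf" 2>/dev/null; then
        echo "no-tty is not set in $2/gpg.conf"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Audit the real configuration only when invoked as: sh audit.sh run
if [ "${1:-}" = "run" ]; then
    prog=$(git config --global --get gpg.program)
    key=$(git config --global --get user.signingkey)
    audit_gpg_setup "$prog" "${GNUPGHOME:-$HOME/.gnupg}" || exit 1
    "$prog" --list-secret-keys "$key" >/dev/null 2>&1 ||
        { echo "no secret key found for user.signingkey '$key'"; exit 1; }
    echo "OK; if signing still fails, restart the agent: gpgconf --kill gpg-agent"
fi
```
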

Keybase.io

Import key to GPG on another host

% keybase pgp export
% keybase pgp export -q CB86A866E870EE00 | gpg --import
% keybase pgp export -q CB86A866E870EE00 --secret | gpg --allow-secret-key-import --import

Add public GPG key to GitHub

% open https://github.com/settings/keys
% keybase pgp export -q CB86A866E440EE00 | pbcopy

See Also

@maxcountryman

commented Jul 15, 2016

This doesn't seem to work for me, I get this error:

gpg: Sorry, no terminal at all requested - can't get input
error: gpg failed to sign the data
fatal: failed to write commit object

@clburlison

commented Jul 28, 2016

Sweet! Thank you so much. An option that works with GUI git clients, and the command line. With a huge bonus of not needing to use Homebrew!

@osteslag

commented Aug 4, 2016

@maxcountryman, instead of using which gpg to specify the GPG executable, use MacGPG2’s binary, like this:

git config --global gpg.program /usr/local/MacGPG2/bin/gpg2

@danieleggert, maybe you want to update your Gist (line 12, I can’t make a pull request on a Gist). Because if you also have a default installation of gpg on your Mac, that will probably be invoked instead, and you’ll get the error Max reported.

@nhooyr

commented Aug 8, 2016

why not just /usr/local/bin/pinentry-mac? And why which gpg? I think gpg on its own should suffice.

@osteslag

commented Aug 8, 2016

why not just /usr/local/bin/pinentry-mac?

Because it’s not guaranteed to be there (it’s not on my set up, for example). /usr/local/MacGPG2/bin/gpg2 is guaranteed, because it’s in the GPG Suite app bundle which this whole Gist is centered around.

I think gpg on its own should suffice.

Only if /usr/local/MacGPG2/bin is in your search path (try echo $PATH in the Terminal) and there is no other gpg under an earlier search path. The GPG Suite installer seems to append the search path. But in Max’ and my case, it fails due to another gpg being installed as well (/usr/local/bin/ in my case).

By using the fully qualified executable path, it just works.

@ghost

commented Aug 19, 2016

I'd tried following the @mbhatfield steps before and never got things quite right. This approach was much easier though I did need to incorporate the changes suggested by @osteslag. Thanks for putting this together!

@RichardBronosky

commented Dec 1, 2016

Are you guys seriously living without homebrew? Why would you do that to yourself?

@danieleggert

Owner Author

commented Feb 15, 2017

@osteslag I’ve changed the line for gpg.program

@danieleggert

Owner Author

commented Feb 15, 2017

@RichardBronosky I’d never install homebrew on my system. It messes up my system. It adds a slew of security problems.

@shreyasminocha

commented Jul 8, 2017

@danieleggert What security issues does homebrew open up?

@diego898

commented Nov 16, 2017

For some reason this isn't working for me - I still get the:

error: gpg failed to sign the data
fatal: failed to write commit object

after trying to commit with auto-sign

@shal

commented Jan 2, 2018

Thank you soooo much!

@LondonAppDev

commented Jan 29, 2018

Excellent thank you!

@x86chi

commented Mar 16, 2018

thank you :D

@KIVagant

commented May 3, 2018

Thanks

@ossareh

commented May 9, 2018

@shreyasminocha if you use homebrew, brew cask install gpg-suite will give you the same setup as installing the software from the site. In which case these steps work perfectly.

Thanks @danieleggert and @osteslag

@sarkis

commented Jun 13, 2018

For anyone else having this issue after following the directions:

error: gpg failed to sign the data
fatal: failed to write commit object

You need to remember to restart the gpg-agent - running this will kill the agent, and it will start the next time it is needed:

$ gpgconf --kill gpg-agent

@mverleg

commented Aug 4, 2018

@sarkis Thanks, restarting was the missing step for me

@mrchief

commented Oct 17, 2018

Works like a charm! Thanks!

@tanguyantoine

commented Nov 24, 2018

Thank you 👍

@RedHotMan

commented Dec 21, 2018

Thanks a lot

@Miltonjacomini

commented Dec 23, 2018

👍

@thsaravana

commented Aug 27, 2019

@sarkis Thanks for the restart.

@41tair

commented Sep 25, 2019

👍

@dteok

commented Oct 9, 2019

Initially, brew install gpg. But I had to undo this.
Then I installed gpg as instructed above.
Works perfectly now. Thank you so much!

I wonder though... I never had this problem and I don't know why git is complaining about 'cannot run gpg...'.
I remember the only thing I did differently before all this happened was that I configured my dotfiles to change the way my terminal looks -- github.com/mathiasbynens/dotfiles
Can anyone say to have done the same? Because on a new (factory reset) laptop and a freshly installed git I believe you won't run into this problem.
