Skip to content

Instantly share code, notes, and snippets.

Last active June 7, 2024 22:59
Show Gist options
  • Save paolocarrasco/18ca8fe6e63490ae1be23e84a7039374 to your computer and use it in GitHub Desktop.
Save paolocarrasco/18ca8fe6e63490ae1be23e84a7039374 to your computer and use it in GitHub Desktop.
How to understand the `gpg failed to sign the data` problem in git


You have installed GPG, then tried to commit and suddenly you see this error message after it:

error: gpg failed to sign the data
fatal: failed to write commit object


For understanding what's going on, first check what git is doing, so add GIT_TRACE=1 at the beginning of the command you used before (git commit or git rebase):

GIT_TRACE=1 git commit

With that you can see what GPG is doing: Probably you will see something like this

10:37:22.346480 run-command.c:637       trace: run_command: gpg --status-fd=2 -bsau <your GPG key>

(Check if your GPG key is correct)

Execute that gpg command again in the command line:

gpg --status-fd=2 -bsau <your GPG key>

👆🏻 With this now you could see what happened in detail!


We can have many problems, but I list what I found:

  1. It could be that the GPG key was expired:

  2. Another thing could be that the secret key was not set properly (In my case the message said gpg: signing failed: No secret key as it can be see in the image below). image It means that is not finding the key that was set. You would need to set up the GPG key in Git (again):

    • List the secret keys available in GPG.
    gpg --list-secret-keys --keyid-format=long
    • Copy your key
    • Set your key for your user in git
    git config --global user.signingkey <your key>
  3. Another popular solution that could help was shared here by @NirajanMahara:

  4. You can see in the thread of this gist other ways to find the solution to other problems. I recommend to read the Github guide for signing commits with GPG.

Hope it helps!

Copy link

My issue was that I had added the PGP key with my email, while my commits on the repo were signed with my GitHub-provided noreply email address.

To solve this issue, I had to run gpg --edit-key [your key] followed by gpg> adduid to add the second email address.

This worked for me! Thanks

Copy link

On MacOS, I have to install pinentry-mac to enter passphrase

brew install pinentry-mac
echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf
killall gpg-agent

This is the true solution 👍

This worked for me as well. Thanks @bdangeb6tp !!

Copy link

shink commented May 20, 2024

@NirajanMahara Thanks so much! It works for me.

Copy link

After upgrading my OSX to Monterey it stoped to work without reason. The GIT_TRACE didn't help to much because everything was correctly set. In the end I reinstalled the GPG Sutie via brew with the command brew reinstall --cask gpg-suite and it fixed the issue.

Thanks @tmoreira2020 after trying all the other solutions Google led me to, this is the one that worked for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment