6

So it seems that my gpg key is secret but when I try to sign my commits in git, it isn't recognized as secret. I'm at a total loss for why this is. I believe I have this setup properly but my commit signs fail. Am I doing something wrong? Thanks in advance for any help.

[brad@reason entry-criteria-test]$ gpg --list-secret-keys --keyid-format LONG
/home/brad/.gnupg/secring.gpg
-----------------------------
sec   4096R/15980D34B4EED3FA 2019-03-11
uid                          Brad <brad@work.com>
ssb   4096R/3B437BF0F7366F6C 2019-03-11

[brad@reason entry-criteria-test]$ git config user.signingkey 15980D34B4EED3FA
[brad@reason entry-criteria-test]$ git config --global user.signingkey 15980D34B4EED3FA
[brad@reason entry-criteria-test]$ git commit -S -m "testing signed commit"
gpg: key B4EED3FA: secret key without public key - skipped
gpg: skipped "15980D34B4EED3FA": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object
[brad@reason entry-criteria-test]$ git config -l
user.name=Brad
user.email=brad@work.com
user.signingkey=15980D34B4EED3FA
color.ui=true
push.default=simple
commit.gpgsign=true
gpg.program=gpg2
core.repositoryformatversion=0
core.filemode=true
core.bare=false
core.logallrefupdates=true
remote.origin.url=git@github.work.com:entry-criteria-test.git
remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
branch.master.remote=origin
branch.master.merge=refs/heads/master
branch.issue-00142.remote=origin
branch.issue-00142.merge=refs/heads/issue-00142
branch.issue-00144.remote=origin
branch.issue-00144.merge=refs/heads/issue-00144
commit.gpgsign=true
user.signingkey=15980D34B4EED3FA
neogeek23
  • 813
  • 1
  • 12
  • 23

1 Answers1

7

The problem was in:

gpg.program=gpg2

Even though I have gpg 2.2.13 installed, git still wants to use gpg. This kind of makes sense as all the commands I used above for gnupg use gpg not gpg2. So if you're having this problem check to see if your gpg2 and gpg keys are different.

gpg --list-secret-keys --keyid-format LONG
gpg2 --list-secret-keys --keyid-format LONG
git config -l

Are these different? Does the right key from the right gpg match your git config?

neogeek23
  • 813
  • 1
  • 12
  • 23
  • 1
    This was driving me crazy. And indeed, `git config --global gpg.program gpg2` solved the issue (though the output from `gpg` matched that from `gpg2`). – Izzy Aug 02 '19 at 21:58
  • Thanks, solved my problem; I assume I must have got an update somewhere (previous key was working fine) and hadn't noticed until I came across this problem. – Chris Dec 09 '20 at 12:41
  • Thanks. The "No secret key" error came up randomly for me. I tried what you said but my keys matched. To fix my issue, I had to use `git config --global gpg.program gpg` and everything started working again. – Hiebs915 Dec 10 '21 at 17:06
  • 1
    Dang neither of these is fixing my issue. LONG output matches, but git continually reports it can't find the key. – bc3tech Apr 25 '22 at 20:52