119

I installed GPG from brew.

brew install gpg 

It is gnupg2-2.0.30_2.

When I commit, I do get an error message:

You need a passphrase to unlock the secret key for
user: "Max Mustermann (mycomment) <[email protected]>"
2048-bit RSA key, ID 1111AAAA, created 2017-01-05

error: gpg failed to sign the data
fatal: failed to write commit object

I used the command:

gpg --list-secret-keys | grep ^sec 

and it gives me back:

sec 2048R/1111AAAA 2017-01-05 

Then I used this command:

git config --global user.signingkey 1111AAAA 

commit gives me back the same error message.

How can I solve this problem?

5

12 Answers 12

173

If you’re not getting prompted at all for a passphrase, the solution may just be to install a program to facilitate that. The most common is pinentry.

brew install pinentry-mac 

So installing that and trying again may get things working. But if not, another thing to do is make sure git is using/finding the right GPG program. These days you really should be using gpg2, so if you don’t already have that installed, do this:

gpg --version 

…and make sure it indicates you have GnuPG version 2+ (not version 1) installed.

If you already have GnuPG 2+ and pinentry installed, then try this:

echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf 

…or, more robustly:

echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf 

…and then try again.

And you may also need to stop gpg-agent:

gpgconf --kill gpg-agent 

You don’t need to manually restart it — it will get restarted automatically when it’s needed.

Note: Some commenters mention needing to reboot after making changes — but it seems likely the only effect of that is to cause gpg-agent to be restarted. So manually killing gpg-agent as described above should be sufficient.


14 Comments

Installing pinentry-mac solved my issue. Thank you!
I followed the above steps but needed a reboot before this worked
For me restarting the gpg-agent worked so I didn't need to restart: gpgconf --kill gpg-agent
I had to kill gpg-agent and start it again using gpg-agent --daemon
I got the error gpg: Sorry, no terminal at all requested - can't get input when trying to use gpg --full-generate-key. If you get this error just remove the line no-tty from ~/.gnupg/gpg.conf or ~/.gnupg/options
101

To anybody who is facing this issue on MacOS machines, try this:

  1. brew uninstall gpg
  2. brew install gpg2
  3. brew install pinentry-mac (if needed)
  4. gpg --full-generate-key Create a key by using an algorithm.
  5. Get generated key by executing: gpg --list-keys
  6. Set the key here git config --global user.signingkey <Key from your list>
  7. git config --global gpg.program /usr/local/bin/gpg
  8. git config --global commit.gpgsign true
  9. If you want to export your Key to GitHub then: gpg --armor --export <key> and add this key to GitHub at GPG keys: https://github.com/settings/keys (with START and END line included)

If the issue still exists:

test -r ~/.bash_profile && echo 'export GPG_TTY=$(tty)' >> ~/.bash_profile

echo 'export GPG_TTY=$(tty)' >> ~/.profile

If the issue still exists:

Install https://gpgtools.org and sign the key that you used by pressing Sign from the menu bar: Key->Sign

If the issue still exists:

Go to your global .gitconfig file, which in my case is at /Users/gent/.gitconfig, and modify the .gitconfig file (please make sure Email and Name are the same as the ones that you created while generating the Key):

[user]
    email = [email protected]
    name = Gent
    signingkey = <YOURKEY>
[gpg]
    program = /usr/local/bin/gpg
[commit]
    gpsign = true
    gpgsign = true
[filter "lfs"]
    process = git-lfs filter-process
    required = true
    clean = git-lfs clean -- %f
    smudge = git-lfs smudge -- %f
[credential]
    helper = osxkeychain

p.s I took this answer from my previous answer here: gpg failed to sign the data fatal: failed to write commit object [Git 2.10.0]

6 Comments

The GPGTools is what did it for me, it seems that prompts for the passphrase and then adds it into the keychain :)
Thanks man! Far better than the current accepted answer for me
Signing using the GPGTools was what did it for me! Isn't there a way to sign the key using gpg cli?
I was missing "gpg --full-generate-key" and this is exactly what the error log was complaining about. Thank you very much for the detailed answer
For me it was to install gpg2 instead of gpg, delete the previously generated key, and generate a new one.
11

I had the same error message and found that my key was expired. So it might be a good idea to check your key expiration with:

gpg --list-keys

If your key is expired as well you can adjust the expiration date with:

gpg --edit-key <YOUR_KEY>

and then:

gpg> expire
...enter the new expiration date...
gpg> save

1 Comment

Many answers mention using gpg --list-keys to check if a key exists then otherwise create a new one. But nobody says to pay attention to the expiration date. There's a single character difference between [expires: YYYY-MM-DD] and [expired: YYYY-MM-DD] that can easily be overlooked.
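
A scriptable form of the expiry check discussed above, as an added example that is not part of the original answer or comment. It reads `gpg --list-keys --with-colons` output, where field 2 of a `pub` record is the validity (`e` expired, `r` revoked) and field 7 the expiry time, assumed here to be epoch seconds as GnuPG 2.x emits; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag keys that cannot sign because of expiry or revocation.
# pub record fields: 1=type 2=validity 5=key ID 7=expiry (empty = never expires)

# key_status NOW_EPOCH WARN_DAYS   (colon listing on stdin)
# Prints one line per primary key: "<keyid> <state> [days-left]"
key_status() {
    awk -F: -v now="$1" -v warn="$2" '
        $1 == "pub" {
            id = $5; expiry = $7
            if ($2 == "r")                          state = "revoked"
            else if ($2 == "e")                     state = "expired"
            else if (expiry != "" && expiry <= now) state = "expired"
            else if (expiry == "")                  state = "ok-no-expiry"
            else {
                days = int((expiry - now) / 86400)
                state = (days < warn ? "expiring " : "ok ") days
            }
            print id, state
        }'
}

# Constructed sample listing (not real keys); uid/tru lines are ignored.
sample_listing() {
    cat <<'EOF'
tru::1:1700000000:0:3:1:5
pub:e:2048:1:AAAAAAAA1111AAAA:1483574400:1546646400::u:::sc:::::::23::0:
uid:e::::1483574400::0000::Max Mustermann (mycomment) <max@example.invalid>::::::::::0:
pub:u:4096:1:BBBBBBBB2222BBBB:1690000000:1701000000::u:::scESC:::::::23::0:
pub:u:4096:1:CCCCCCCC3333CCCC:1690000000:::u:::scESC:::::::23::0:
pub:u:4096:1:DDDDDDDD4444DDDD:1690000000:1790000000::u:::scESC:::::::23::0:
EOF
}

# Real use: gpg --list-keys --with-colons | key_status "$(date +%s)" 30
if [ "${1:-}" = "--demo" ]; then
    sample_listing | key_status 1700000000 30
fi
```
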
2

I ran brew upgrade on macOS and it broke my gpg signing in git, presumably when it updated the gpg package. I assume there's an easier way to force the gpg service to restart correctly (I assume something that was actively running broke when I upgraded the package), but my fix for this was pretty simple: Just restart your computer.

2 Comments

Indeed this just happened to me. killall gpg-agent was the process that needed a swift kick in the ...
@MikeHardy amazing ... I tried everything and this unexpected command just fixed it (got the issue after upgrading to Monterey)
1

If you are still getting problems in macOS, open ~/.gitconfig and change anything below [gpg] to program = /usr/local/bin/gpg

Comments

1

As can be seen in many answers here, there may be multiple issues causing this and also multiple solutions for each of those issues.

I recommend you first know what the actual issue is before trying out a solution

To do so, you can enable GIT_TRACE and run the commit command

GIT_TRACE=1 git commit 

Credits go to this awesome gist

Then you'll see the actual command invoked by git to sign:

10:37:22.346480 run-command.c:637 trace: run_command: gpg --status-fd=2 -bsau <your GPG key> 

With that only, you can see if the GPG key used by git is the correct one. If not, you know there's something fishy in your git config

Execute that command to see more details about the error

gpg --status-fd=2 -bsau <your GPG key> 

In my case it was something about inappropriate ioctl for device. So could start looking out around what was causing this

Actually, didn't find anything out there apart from being something related to pinentry. I don't want to configure any pinentry things as per my experience it's easy to mess it up. Furthermore, I know installing gpg-suite brew's cask works like a charm. It even comes with a script to fix invalid pinentry configs. So started figuring out if something else was installed that was disturbing gpg-suite defaults.

Eventually found out that gpgme & gnupg were installed due to being a dependency of poppler cask that had installed recently. Uninstalled poppler, gpgme & gnupg, reinstalled gpg-suite and everything worked again 🎉

1 Comment

Thanks for this - for me, it was
```
$ gpg --status-fd=2 -bsau 'First Last <[email protected]>'
gpg: skipped "First Last <[email protected]>": No secret key
[GNUPG:] INV_SGNR 9 First Last <[email protected]>
[GNUPG:] FAILURE sign 17
gpg: signing failed: No secret key
```
had to run the command
```
git config --global user.signingkey <REPLACE_VALUE>
```
to fix it (advice from stackoverflow.com/questions/36810467/…).
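
The triage described in the answer above, as an added example that is not part of the original post: one function pulls the program and key out of the `GIT_TRACE` line, the other maps gpg's output to the fixes given in the answers on this page. The function names and sample strings are constructed; the `KEYEXPIRED`, `Unusable secret key`, `SIG_CREATED` and `No pinentry` patterns are GnuPG strings that do not appear on this page, and the trace format is assumed to match the line quoted in the answer.

```shell
#!/bin/sh
# Added example: triage the signing command that GIT_TRACE reveals.

# trace_signer: read GIT_TRACE output on stdin and print "<program> <key>" so
# both can be compared with `git config gpg.program` and `user.signingkey`.
# Single quotes that git may put around an argument are stripped.
trace_signer() {
    sed -n 's/^.*trace: run_command: \([^ ]*\) --status-fd=2 -bsau \(.*\)$/\1 \2/p' |
        sed "s/ *\$//; s/'//g" | head -n 1
}

# classify_sign_failure: read gpg's stderr/status output on stdin and print
# "<cause>: <fix suggested in the answers on this page>".
classify_sign_failure() {
    out=$(cat)
    case $out in
        *"[GNUPG:] SIG_CREATED"*)
            echo "ok: gpg signed; if git still fails, check gpg.program points at this gpg" ;;
        *"[GNUPG:] KEYEXPIRED"*|*"Unusable secret key"*)
            echo "expired-key: extend it with gpg --edit-key <key>, expire, save" ;;
        *"INV_SGNR 9"*|*"No secret key"*)
            echo "no-secret-key: set user.signingkey to a key from gpg --list-secret-keys" ;;
        *"Inappropriate ioctl for device"*)
            echo "no-tty: export GPG_TTY=\$(tty) or set pinentry-program in gpg-agent.conf" ;;
        *"No pinentry"*)
            echo "no-pinentry: install pinentry-mac, then gpgconf --kill gpg-agent" ;;
        *)
            echo "unknown: read the full gpg output" ;;
    esac
}

# Constructed samples modelled on the output quoted on this page.
sample_trace="10:37:22.346480 run-command.c:637 trace: run_command: gpg --status-fd=2 -bsau 1111AAAA "
sample_nokey='gpg: skipped "1111AAAA": No secret key
[GNUPG:] INV_SGNR 9 1111AAAA
[GNUPG:] FAILURE sign 17
gpg: signing failed: No secret key'
sample_notty='gpg: signing failed: Inappropriate ioctl for device'

# Real use:
#   GIT_TRACE=1 git commit -m test 2>&1 | trace_signer
#   echo test | gpg --status-fd=2 -bsau <key> 2>&1 >/dev/null | classify_sign_failure
```
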
0

Install GPGSuite instead, it has a GUI for generating the key.

You can see more details here

Comments

0

In my case the user.signingkey was set wrong. Copying the right signingkey solved the problem.

Comments

0

If this happens to you after installing Xcode, your git binary may have been replaced. (This particular solution assumes you are managing your git install with homebrew.)

Symptoms:

  1. You are not prompted for a passphrase
  2. Your error message is
    error: gpg failed to sign the data
    fatal: failed to write commit object
  3. $ git config --global gpg.program throws an error
  4. You see a system git instead of one installed by homebrew:
    $ which git
    /usr/bin/git
    # should be /usr/local/bin/git with homebrew
    $ ls -l $(which git)
    -rwxr-xr-x 1 root wheel 167072 Feb 6 2022 /usr/bin/git
    # should be a symbolic link with homebrew:
    # lrwxr-xr-x 1 user admin 28 Aug 16 12:11 /usr/local/bin/git -> ../Cellar/git/2.37.2/bin/git
    $ git --version
    git version 2.32.1 (Apple Git-133)

In this case the solution is to install or reinstall git with homebrew.

$ brew install git
# <output>
# then restart your terminal
$ ls -l $(which git)
lrwxr-xr-x 1 user admin 28 Aug 16 12:11 /usr/local/bin/git -> ../Cellar/git/2.37.2/bin/git
$ git --version
git version 2.37.2

Don't forget to restart your terminal.

Comments

0

To solve this issue without killing gpg-agent on every restart:

Check if you have multiple copies of gpg and gpg-agent:

$ which -a gpg-agent
/opt/homebrew/bin/gpg-agent
/usr/local/MacGPG2/bin/gpg-agent
$ which -a gpg
/opt/homebrew/bin/gpg
/usr/local/bin/gpg
/usr/local/bin/gpg

For me, there were some leftover binaries from old Macbook migrations installed by MacGPG2.

Removing those binaries (and symlinks) and checking again to make sure there is only one copy:

$ which -a gpg
/opt/homebrew/bin/gpg
$ which -a gpg-agent
/opt/homebrew/bin/gpg-agent

Then restart your computer one last time.

gpg should sign correctly without needing to kill anything:

$ echo "test" | gpg --clearsign
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

test
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIzBAEBCgAdFiEE1S8n.....
-----END PGP SIGNATURE-----

Comments

0

I encountered the same problem after upgrading my system to macOS Sonoma (version 14.0). Despite having pinentry-mac installed and correctly configured git and gpg-agent.conf files, I was still facing issues with GPG signing in Git. None of the suggestions above helped.

I decided to upgrade pinentry-mac:

brew upgrade pinentry-mac 

This resolved the issue for me. It seems that the previous version of pinentry-mac was not fully compatible with macOS Sonoma. So, if you're experiencing similar problems, make sure you have the latest version of pinentry-mac installed on your system.

Comments

0

If you are using Oh My Zsh as your framework and update it, you may need to also re-source your .zshrc file (source ~/.zshrc) because it has GPG_TTY=$(tty) inside. This fixed my problem, hopefully this can help others too.

Comments
