275

I am getting this error when trying to commit using Git.

gpg: skipped "name <[email protected]>": secret key not available gpg: signing failed: secret key not available error: gpg failed to sign the data fatal: failed to write commit object

I have generated a new key as below but it still gives the same error

gpg --list-keys ~/.gnupg/pubring.gpg -------------------------------- pub 2048R/35F5FFB2 2016-04-23 uid name (New key) <[email protected]> sub 2048R/112A8C2D 2016-04-23

The secret key is the same as above

I have found this Generating a GPG key for git tagging and followed the steps but it still doesn't work, any idea?

Improve this question
2
  • 19
    For Windows users, it's much more likely encountering this error because Git on Windows doesn't use the correct gpg. Not finding the correct binary in PATH, git resorts to using internally bundled gpg inside its minified MSYS, which has no knowledge of where your keys are. Setting gpg.program or G(NU)PGHOME variables would resolve it, as specified in a few of the answers below. Commented May 28, 2020 at 19:06
  • 3
    Just a note for myself and some others; I only encountered this error because I accidentally clicked on the box "sign commit" when pushing commits from RStudio. Once unclicked, no problem Commented May 28, 2024 at 4:35

17 Answers 17

Reset to default
395

This worked for me on Windows 10 (Note that I use the absolute path to gpg.exe):

git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"

This was the error I got prior to the fix:

gpg: skipped "3E81C*******": secret key not available gpg: signing failed: secret key not available error: gpg failed to sign the data fatal: failed to write commit object
Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

Got this error secret key not available with VS Code and setting gpg.exe location solved it.
This worked for me as well. Especially after following the configuring steps from github itself.
Every time my Windows Insider build installs, this option resets. Thanks for this :)
This worked for me as well after adding the absolute path of gpg. Thanks a lot.
yes, this is important as git has own gpg and most people will install gpg for windows and import priv key via kleopatra and only "main" gpg is aware of key location. Great answer
|
199
+100

You need to configure the secret key before using it.

git config user.signingkey 35F5FFB2

Or declare it globally if you want to use the same key for every repository.

git config --global user.signingkey 35F5FFB2

Source: Git Tools - Signing Your Work

Improve this answer

9 Comments

Thank you vey much Leonardo! It works!! Sorry if the question was silly, I had no idea how to solve it.
Is it secure to store .gitconfig with secret key in public repo?
for the record as @melihovv asked about: — The secret key must be on your GPG keyring. Only the hash ID of that key is stored in the config.
I had to do this along with git config --global gpg.program gpg2.
I get a passphrase dialog with 1.4.22 but not with v2. As soon as I do git config --global gpg.program "C:/Program Files (x86)/GnuPG/bin/gpg.exe" it breaks and I get the no secret key errors. What to do?
|
85

What worked for me was adding

git config --global gpg.program "C:/Program Files (x86)/GNU/GnuPG/gpg2.exe"

If you want to find the full path of gpg2.exe:

where gpg2.exe
Improve this answer

4 Comments

Depending on the installed version of GnuPG, you need to do this for gpg.exe instead of gpg2.exe.
thank you, my problem was solved using the full path (that was C:\Users\Me\AppData\Local\gnupg\bin\gpg.exe)
THANK YOU! This worked for me. You saved my day :). I just used "where gpg.exe" as I dont have "gpg2.exe"
recent version: git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"
57

I recently found the same secret key not available error and a few more along the way, like GPG agent not found for instance.

In my case I wanted to get commits signed and showing as verified on GitHub.

Below are the complete steps to get it working on Windows 10 x64:

Install GPG

I installed GPG 2.3.1 with winget like so:

C:\> winget install GnuPG.GnuPG

Verify it with:

C:\> gpg --version

Generate GPG key

C:\> gpg --full-generate-key

  • Add your real name and e-mail, the same as used in the GitHub account.

  • The key must be at least 4096 bits.

Export the key in ASCII armor format

First list the key:

C:\> gpg --list-secret-keys --keyid-format=long

sec rsa4096/[short-key] 2021-06-14 [SC]

Then export it:

C:\> gpg --armor --export [short-key]

Copy the key including the BEGIN/END text.

-----BEGIN PGP PUBLIC KEY BLOCK----- [huge-ascii-key] -----END PGP PUBLIC KEY BLOCK-----

Add the GPG armor ASCII key to the GitHub account

Go to Profile > Settings > SSH and GPG keys > New GPG key

Or please follow these visual instructions.

Configure Git to sign all commits by default

C:\> git config --global user.signingkey [short-key] C:\> git config --global commit.gpgsign true C:\> git config --global gpg.program "C:/Program Files (x86)/gnupg/bin/gpg"

Set GPG environment variable for the GPG Agent

Check for GPG agent:

gpg-agent --version

Set the environment variable:

GNUPGHOME=%USERPROFILE%\AppData\Roaming\gnupg

Done

The resulting .gitconfig would have the user section like so:

[user] name = Your Name email = [email protected] signingkey = [short-key] [commit] gpgsign = true [gpg] program = C:/Program Files (x86)/gnupg/bin/gpg
Improve this answer

4 Comments

thanks, this was really helpful, this should be chosen as the best answer
it solves my problem, after reusing "C:\Program Files\Git\usr\bin\gpg.exe", declared in PATH.
For me the only thing missing was setting the GNUPGHOME environment variable, which I had to set to "%USERPROFILE%\.gnupg" because that's where it was installed by default. I created my key with the default 3072 bytes, not 4096 and it worked just fine.
Yeah only changes for me: [gpg] program = C:/Program Files (x86)/gnupg/bin/gpg.exe or git config --global gpg.program "C:/Program Files (x86)/gnupg/bin/gpg.exe" GNUPGHOME=%USERPROFILE%\.gnupg That finally worked with the other listed steps
19

I'like to complete all these answers, cause I've got many issues with this.

These exemples use the --global flag, but you can remove it if you want to to these things locally.

Configure secret key in git

git config --global user.signingkey 35F5FFB2

Configure witch gpg program tu use in git (optional)

Some systems (Ubuntu for exemple) can have gpg and gpg2 at the same time. You need to specify you'll use gpg2

git config --global gpg.program gpg2

Export GPG_TTY (optional)

It is possible if you use these command in an ssh environment that you have the following error : Inappropriate ioctl for device or gpg: échec de la signature : Ioctl() inapproprié pour un périphérique. This can be fixed via :

export GPG_TTY=$(tty)

Auto enable GPG singing (optional)

git config --global commit.gpgsign true
Improve this answer

3 Comments

How does one disable it if you no longer want to use it?
You can do add the --unset flag on those git config commands to disable it
I actually used this git config --global commit.gpgsign true but said false.
14

Using "C:\Program Files\Git\usr\bin\gpg.exe" was the solution for me.
Had to uninstall kleopatra. With it, it was not working.

So, summing up;

  • No need for kleopatra, use GIT default instead.

  • git config --global user.signingkey Y0URK3Y git config --global commit.gpgsign true git config --global gpg.program "C:\Program Files\Git\usr\bin\gpg.exe"
Improve this answer

2 Comments

among all of these, yours, worked with me.
worked for me too
14

The following steps helped me get it fixed:

git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe" git config --global --unset gpg.format gpg --list-secret-keys --keyid-format=long // this will list the keys and copy the Key-ID

enter image description here

copy the higlighted key in the first line and use in this next query as Key-ID

git config --global user.signingkey <Key-ID> git config --global commit.gpgsign true
Improve this answer

4 Comments

I had to come back to this advice several times on different machines! Thank you for this solution. It was what I was missing.
@MavaddatJavid great! glad to know it helped, you can up-vote if it was helpful for support :)
I am SO sorry that I can only upvote this post one time. You are a life saver, man.
@CésarRodriguez good to know it helped, one upvote is enough too :D
13

I had a situation in which the same was happening to me in a Windows 10 machine.

$ git commit -m "Improve logging, imports and show time executed" gpg: signing failed: Operation cancelled gpg: signing failed: Operation cancelled error: gpg failed to sign the data fatal: failed to write commit object

The commands "C:\Program Files (x86)\GnuPG\bin\gpg.exe" --list-secret-keys --keyid-format LONG and gpg --list-secret-keys --keyid-format LONG where giving me complete different results!

$ where gpg C:\Program Files\Git\usr\bin\gpg.exe C:\Program Files (x86)\GnuPG\bin\gpg.exe

The main reason was related to previous answers but on a different sense:

  • I was creating the gpg keys using the git (configured path) version of GPG
  • Git was configured to use the downloaded version of gpg for the commit.
  • Seems GPG implementations use their own certificate database and storage.

I hope this can help anyone that stumbles on this message and previous answers do not solve ther issue.

Improve this answer

3 Comments

Had to add the secret key to kleopatra from the cli export, as visual studio community seems to use that by default for signing, where as the git cli used a different list/implementation and hence still worked without kleopatra.
I copied everything from C:\Users\USERNAME\.gnupg to C:\Users\USERNAME\AppData\Roaming\gnupg and problem solved!
This worked after I switched to git bash. Powershell terminal in VS Code was not working.
7

You have to set the variable GNUPGHOME. Without it, GnuPG is not able to find your keys. 

# On unix add it to your path # On windows it will usually be under: <drive>:\Users\<username>\AppData\Roaming\gnupg

On Unix it simply adding it to the path.
On Windows you have to open the control panel and set it as 

System Variable Name: GNUPGHOME Path: <drive>:\Users\<username>\AppData\Roaming\gnupg
Improve this answer

1 Comment

For me it was not GNUPGHOME. With GPGHOME it works for me
3

I had the same problem at it was that git name and email store in .gitconfig were different from the ones of the gpg key provided. I changed them in order to match and it started to work.

Improve this answer

1 Comment

For me the problem was that one of the identities on my key had a comment, i.e.: name: "Julian Mehnle", comment: "MyCompany", email: "[email protected]", whereas in my git config I had: user.name: "Julian Mehnle", user.email: "[email protected]". Once I changed user.name to "Julian Mehnle (MyCompany)", git/gpg started discovering the correct key automatically. As a solution of last resort, one can force the use of a specific key with git config --global user.signingkey 0123ABCD.
2

On Windows 11, setting the gpg.program as follows, didn't work for me even though the executable exists in that location.

git config --global gpg.program "C:\Program Files (x86)\gnupg\bin\gpg.exe"

I had to set it as follows:

git config --global gpg.program gpg
Improve this answer

Comments

2

I got this error in VS Code. I ran below command in Bash

git config --global commit.gpgsign false

Then, hit Ctrl+, and open your settings. Uncheck "Enable Commit Signing" in workspace settings if it's enabled.

enter image description here

Now open VS Code Terminal and execute below command

enter image description here

Close and reopen VS Code if needed. It should work now.

Improve this answer

1 Comment

The above worked for me
2

Generate your gpg keys using git bash if your signing your commits

I found for this issue gpg: signing failed: secret key not available was when generating my gpg key for github, the keys were stored in different folder locations depending on the terminal that i used to generate the keys.

OS : Windows 11

gpg version

I am not sure why there are two version's of gpg. I installed "gpg4win-4.3.1.exe" on my pc

There there is a difference on the passphrase dialog box with respect to the terminals used to create the keys.

powershell / git bash passphrase ui dialoge box

Solution

Delete and create a new gpg key on your github after generating it through git bash. Adding a GPG key to your GitHub account

Update your signing key on your git config. git config user.signingkey <new-signingkey>

You don't have to set path of gpg (i.e git config --global gpg.program <path to gpg>)

*UPDATE*

  • Make sure you back up your public key if you are removing your keys.
    • If your commits were signed by a public key (i.e. GPG or SSH) is removed, ALL commits that were signed by this public key will loose their verified signeature. (i.e. labeled as UnVerified).
  • Make a backup of your public key that is in use.
    • If you have multiple signing keys, you'll need to identify which one you want to keep and is being used by regenerating the public key from the private key and matching it with the signing keys you've configured on GitHub.

Signing key is the public key that is generated from the private key on your device and which is to be set on your GitHub.

  • Find the the path to the public key on your machine that you use for git.
    • You can locate these paths by running git config --global --edit in your terminal and checking the signingkey entry under the [user] section in your Git configuration.
 [SSH] C:/Users/USER-NAME/.ssh/id_ed25519.pub [WINDOWS TERMINALS] OR ~/.ssh/id_ed25519.pub [GIT BASH MINGW64] 
 [GPG] C:/Users/USER-NAME/.gnupg/secring.gpg [WINDOWS TERMINALS] OR ~/.gnupg/secring.gpg [GIT BASH MINGW64]
Improve this answer

2 Comments

In my case it is different also, but what you did to get it to work?
@César Rodriguez first you have to remove any keys that you are not using on git bash link how to delete gpg keys and then generate a new gpg key following this link Generate a new gpg key on gitbash on gitBash terminal
1

For me this was an IDE specific problem. I am using Rider. It's git integration is wrapping the GPG key signing mechanism and something just didn't work there.

Solution was to go to Settings > Version Control > Git > Configure GPG Key and uncheck the Sign commits with GPG key feature, then save and reopen the exact same Popup and check it again.

This helped refreshing the internal reference to the key and since then it worked.

Improve this answer

Comments

0

In my case on Fedora Linux, the problem was that I ran git commit in a Distrobox container, which meant gpg-agent got started in the container instead of on my host system. Killing the gpg-agent running in the container and running git commit on my host system afterwards resolved the problem.

Improve this answer

Comments

-5

Maybe you need to clone your own repository where you have rights. I had this issue when I cloned the repository of another person.

Improve this answer

Comments

-5

A quick solution is to disable gpg sign key . Though enabling gpg key seems more secure and ensure whether you are the right person to push the code. It is an giving additional layer of security for integrity of the commits by ensuring on sudden commit by other person. But you can disable gpg key by following way. For specific repo: Inside the folder you can run following command to disable gpg key.

git config commit.gpgsign false

For all repos inside your pc.

git config --global commit.gpgsign false

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.