gpg secret key not found

Hello. I try to make my first github repo. I have created both a ssh and gpg key. When i try to run git commit -m "message in vs code I get this error:

gpg: skipped "user <>": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object

When i run gpg --list-secret-keys on git bash though I see that in the directory that gpg searches the file with the key is there. The file name is pubring.kbx. Also when i try to show my secret key in git bash: gpg --list-secret-keys --keyid-format=long i get as output the secret key. I have no other keys made only one so what could be the problem?

Hi @predator,

can you try to sign a random file? Does that work? You can also read this thread and try the things that are mentioned there: Gpg decryption fails(no secret key found) after upgrade from gpg4win 3.1.1->4.3.0

BTW: Which version of GnuPG are you using?

Thanks for replying @cklassen, I have downloaded gpg4win 4.3.1 and i never had a newer version. I have seen the article you linked that’s why i wrote to this forum because it didn’t work. And what do you mean by try to sign a random file? How do i do that?

Does the public part of your secret key has the email address that github has
as part of its UIDs? (Can you see the same email address if you list the

Yes i have the same email address both for github and the public key. @bernhard

Hi @predator
if your secret key can be seen on the command line (as you have reported)
and is usable (which is something you can test), the next idea I have is that git is using different settings or a different installation of GnuPG.
Maybe you can check your git installation and see if there is another gpg.exe coming with it? Or check the git commands for configuring the call to gpg and change it to a fixed full length path?

To test that you can use your secret key, you could just sign something with it. Maybe a simple file. On the command line that would be like

echo Hello > hi.txt
gpg --sign hi.txt

hi @bernhard, I did what you said and a little more digging and i found that the first key i had made didn’t have a seckey file where was the pubring file. I did a new key pair using kleopatra instead of git bash. When i tried to sign a test file through command prompt it signed fine. But when i try to make the git commits from vs code i get that error. Is there a way that i can do the commits from the command prompt? Do i need to configure something for git or vs code?

Hi @predator,
possibly the call from git uses a different gpg.exe or different settings.

By which installation method did you get your git for windows? How do you call it for doing the commit?

bash - Configure GPG for Git on Windows - Stack Overflow indicates that the git distribution comes with an included GnuPG. So it will have different settings than the system wide one. (It is not an ideal situation, but not shipping GnuPG is also having drawbacks.)

Try gpg --version in the “git bash”.
And check the home directory, it probably is a different one then the same command gives you in or powershell.

How to sign git commits from within an IDE like IntelliJ? - Stack Overflow recommends setting an alias if the wrong gpg is used, you could try setting it to the Gpg4win’s gpg.

@bernhard thanks for the reply. I did what you said and when i run where gpg in git bash i get two results: C:\Program Files\Git\usr\bin\gpg.exe and C:\Program Files (x86)\GnuPG\bin\gpg.exe. The cmd shows as result the second path. Now i think that i only have to figure out how to make vs code use the gpg that git bash uses or make git use the system gpg