Hello. I try to make my first github repo. I have created both a ssh and gpg key. When i try to run git commit -m "message in vs code I get this error:
gpg: skipped "user <user@gmail.com>": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object
When i run gpg --list-secret-keys on git bash though I see that in the directory that gpg searches the file with the key is there. The file name is pubring.kbx. Also when i try to show my secret key in git bash: gpg --list-secret-keys --keyid-format=long i get as output the secret key. I have no other keys made only one so what could be the problem?
Thanks for replying @cklassen, I have downloaded gpg4win 4.3.1 and i never had a newer version. I have seen the article you linked that’s why i wrote to this forum because it didn’t work. And what do you mean by try to sign a random file? How do i do that?
Does the public part of your secret key has the email address that github has
as part of its UIDs? (Can you see the same email address if you list the
pubkeys?)
Hi @predator
if your secret key can be seen on the command line (as you have reported)
and is usable (which is something you can test), the next idea I have is that git is using different settings or a different installation of GnuPG.
Maybe you can check your git installation and see if there is another gpg.exe coming with it? Or check the git commands for configuring the call to gpg and change it to a fixed full length path?
To test that you can use your secret key, you could just sign something with it. Maybe a simple file. On the command line that would be like
hi @bernhard, I did what you said and a little more digging and i found that the first key i had made didn’t have a seckey file where was the pubring file. I did a new key pair using kleopatra instead of git bash. When i tried to sign a test file through command prompt it signed fine. But when i try to make the git commits from vs code i get that error. Is there a way that i can do the commits from the command prompt? Do i need to configure something for git or vs code?
Hi @predator,
possibly the call from git uses a different gpg.exe or different settings.
By which installation method did you get your git for windows? How do you call it for doing the commit?
bash - Configure GPG for Git on Windows - Stack Overflow indicates that the git distribution comes with an included GnuPG. So it will have different settings than the system wide one. (It is not an ideal situation, but not shipping GnuPG is also having drawbacks.)
Try gpg --version in the “git bash”.
And check the home directory, it probably is a different one then the same command gives you in cmd.com or powershell.
@bernhard thanks for the reply. I did what you said and when i run where gpg in git bash i get two results: C:\Program Files\Git\usr\bin\gpg.exe and C:\Program Files (x86)\GnuPG\bin\gpg.exe. The cmd shows as result the second path. Now i think that i only have to figure out how to make vs code use the gpg that git bash uses or make git use the system gpg