Signing Commits in Git

Reading time ~1 minute

There are some great resources for getting set up with signing Git commits and tags with a GPG key:

After following instructions, I still got the following error:

error: gpg failed to sign the data
fatal: failed to write commit object

Below is a sequence of commands that got everything working properly:

# Assumes homebrew and existing key-pair
brew install pinentry-mac
# Get the secret key value
gpg2 --list-secret-keys | grep ^sec
git config --global user.signingkey {secret-value}
git config --global gpg.program $(which gpg2)
# Sign everything by default
git config --global commit.gpgsign true
echo "no-tty" >> ~/.gnupg/gpg.conf
echo $(which pinentry-mac) >> ~/.gnupg/gpg-agent.conf

When you next sign a tag or commit, you’ll get a dialog asking for the password to your GPG key, and assuming all is well everything should complete nominally.

comments powered by Disqus