Skip to content

How to Fix GPG Signing Failed Error

DodaTech 2 min read

In this tutorial, you'll learn about How to Fix GPG Signing Failed Error. We cover key concepts, practical examples, and best practices.

The Problem

You run git commit -S and get error: gpg failed to sign the data or gpg: signing failed: No secret key. GPG cannot find your private key, the GPG agent is not running, or the passphrase prompt cannot be shown in your terminal environment. This is especially common in headless environments like CI, VS Code integrated terminal, or tmux sessions.

Quick Fix

1. Check if a GPG key exists

gpg --list-secret-keys --keyid-format=long

Expected output:

sec   rsa4096/ABC123DEF4567890 2024-01-01
uid                 [ultimate] Your Name <you@example.com>

If no key is listed, generate one:

gpg --full-generate-key

2. Tell Git which key to use

git config --global user.signingkey ABC123DEF4567890

The key ID is after rsa4096/ in the listing.

3. Set GPG_TTY for passphrase prompts

export GPG_TTY=$(tty)

Add to ~/.bashrc or ~/.zshrc:

echo 'export GPG_TTY=$(tty)' >> ~/.bashrc
source ~/.bashrc

4. Restart the GPG agent

gpgconf --kill gpg-agent
gpg-agent --daemon

5. Test that GPG works

echo "test" | gpg --clearsign

If this works, GPG is functional. If it hangs or fails, restart the agent.

6. Use pinentry for headless environments

# Install pinentry-tty
sudo apt-get install pinentry-tty

# Configure GPG
echo "pinentry-program /usr/bin/pinentry-tty" >> ~/.gnupg/gpg-agent.conf
gpgconf --kill gpg-agent

7. Cache the passphrase

echo 'default-cache-ttl 3600' >> ~/.gnupg/gpg-agent.conf
gpgconf --kill gpg-agent

8. Test commit signing

git commit --allow-empty -S -m "Test signing"
git log --show-signature -1

Expected output includes: Good "git" signature for you@example.com

9. Use SSH signing as an alternative

git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/id_ed25519.pub

Common Causes

Cause Error Fix
No GPG key gpg: signing failed: No secret key gpg --full-generate-key
GPG_TTY unset in terminal gpg: cannot open tty: No such device export GPG_TTY=$(tty)
GPG agent not running gpg: failed to sign the data gpgconf --kill gpg-agent && gpg-agent --daemon
Wrong key in Git config gpg: signing failed: secret key not available git config user.signingkey KEY_ID
Terminal pinentry missing No way to enter passphrase apt-get install pinentry-tty
Email mismatch Commit email differs from key uid Use same email in git config user.email as in GPG key

Prevention

  • Add export GPG_TTY=$(tty) to your shell profile on every machine
  • Use SSH commit signing (simpler than GPG for most developers)
  • Cache your passphrase: echo 'default-cache-ttl 3600' >> ~/.gnupg/gpg-agent.conf

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro