I am setting up new machine (macOS Sierra) for web development, and I have done brew install gpg
which has installed gpg2
and gpg-agent
. I have copied my keys from ~.gnupg
on my old mac. I am not installing the mac interface GPG Suite which I had on the old machine as I really would prefer to use just command line.
I have set my git globals with the appropriate settings.
git config --global user.name "Christopher Allen"
git config --global user.email "ChristopherA@LifeWithAlacrity.com"
git config --global user.mail "ChristopherA@LifeWithAlacrity.com"
git config --global user.signingKey F8D36C91357405ED
When I try to commit change to a git repository where git config commit.gpgsign=true
is required, on my old GPG Suite I get a popup window where it asks for my password. However, with GPG only, it does properly find my public key, but it does not prompt me for a password for signing.
$ git commit -S -m "changed code"
You need a passphrase to unlock the secret key for
user: "Christopher Allen <ChristopherA@LifeWithAlacrity.com>"
4096-bit RSA key, ID 357405ED, created 2015-04-16
error: gpg failed to sign the data
fatal: failed to write commit object
$
Researching here, the only mention I see is at " I can't get `git tag -s` to ask for my GPG password " where it suggests the problem is with the environment variables for gpg-agent
(with no suggested solution), or to use gpg-preset-passphrase function (which I'd prefer not to).
Checking further, it appears that gpg-agent
isn't running:
$ gpg-agent
gpg-agent: no gpg-agent running in this session
I found this page https://blog.chendry.org/2015/03/13/starting-gpg-agent-in-osx.html that suggests to add this script to .bash_profile:
[ -f ~/.gpg-agent-info ] && source ~/.gpg-agent-info
if [ -S "${GPG_AGENT_INFO%%:*}" ]; then
export GPG_AGENT_INFO
else
eval $( gpg-agent --daemon --write-env-file ~/.gpg-agent-info )
fi
After sourcing this script, gpg-agent
says:
$ gpg-agent
gpg-agent: gpg-agent running and available
However, I still have the same problem.
Any ideas on how to fix this? I'd prefer not use the old GPG Suite, revert to GPG 1.0, or use gpg-preset-passphrase.
Thanks!
-- Christopher Allen
What I actually did to solve this issue is:
brew install pinentry
If that doesn't do the job then:
export GPG_TTY=$(tty)
This actually fixed it for me.
You could also add this export to your ~/.bashrc
so that it will be exported automatically Don't forget to reload the file or launch a new session.
An easy way to do it: echo "export GPG_TTY=$(tty)" >> ~/.bashrc
If you get this error:
gpg-agent: no gpg-agent running in this session
Add the script mentioned in the question to ~/.bashrc
file as well.
[ -f ~/.gpg-agent-info ] && source ~/.gpg-agent-info
if [ -S "${GPG_AGENT_INFO%%:*}" ]; then
export GPG_AGENT_INFO
else
eval $( gpg-agent --daemon --write-env-file ~/.gpg-agent-info )
fi
echo "Hello" | gpg -s
When git won't ask me for the passphrase, sometimes I use the above test command to get prompted for it, which will get cached and then, I try to commit my changes.
If you want to cache the passphrase for a longer period of time you can add the following line to the config file: ~/.gnupg/gpg-agent.conf
default-cache-ttl 86400
It turns out the problem is that I copied all the files from ~.gnupg
, which overwrote files created by brew install gpg
(probably one of the .conf
files.
I uninstalled gpg and all the associated sub-packages (there are a lot of them), copied only pubring.gpg
, secring.gpg
and trustdb.gpg
into ~.gnupg
FIRST , then did brew install gpg
. New gpg.conf
and gpg-agent.conf
were created.
-- Christopher Allen
None of the answers worked for me.
I had to kill the agent and then called commit with -S
:
gpgconf --kill gpg-agent
git commit -S -am "some message"
I was able to solve this by starting a gpg-agent in daemon mode and then applying the GPG_AGENT_INFO environment variable it presented.
gpg-agent --daemon
GPG_AGENT_INFO=/Users/.../.gnupg/S.gpg-agent:58895:1; export GPG_AGENT_INFO;
In that same session, I did a git tag -s
(note the lowercase 's') and I was properly prompted for my GPG passphrase.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.