Trying to sign commits on git using gpg on WSL but does not work

4

25

I recently tried the Windows Subsystem for Linux, and as I was attempting to sign my git commits with a recently generated GPG key, it spewed out:

verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git commit -S -m "gpg signing"
error: gpg failed to sign the data
fatal: failed to write commit object

I have used git long enough to know that I have to set the local or global variables on git to use my GPG key.

After the first error, I tried to generate another key but that also did not work, including the subkeys.

My GPGs were encrypted in RSA and RSA (default).

I have tried using articles on help.github.com but to no avail.

(Here are some specific sources.) https://help.github.com/en/articles/telling-git-about-your-signing-key

https://help.github.com/en/articles/signing-commits

Here is most of the terminal log

verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git config --global commit.gpgsign true
verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ gpg2 --list-secret-keys --keyid-format LONG
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2021-08-22
/home/verticalfile30/.gnupg/pubring.kbx
---------------------------------------
sec   rsa4096/498F47808959B459 2019-08-23 [SC] [expires: 2021-08-22]
      A533C851D2905FC63C161831498F47808959B459
uid                 [ultimate] Vert Simon (Key#3) <[email protected]>
ssb   rsa4096/E4E65BE559FFBE2C 2019-08-23 [E] [expires: 2021-08-22]

sec   rsa4096/B3C88EE54DC15CC9 2019-08-23 [SC]
      87F5399E6BFEF88C1C64794CB3C88EE54DC15CC9
uid                 [ultimate] Vert S (Sop) <[email protected]>
ssb   rsa4096/E868623210106F9D 2019-08-23 [E]

verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git config --global user.signingkey E868623210106F9D
verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git commit -S -m "gpg signing"
error: gpg failed to sign the data
fatal: failed to write commit object
verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git config --global user.signingkey B3C88EE54DC15CC9
verticalfile30@DESKTOP-U284V9I:~/cpo/wsltest$ git commit -S -m "gpg signing"
error: gpg failed to sign the data
fatal: failed to write commit object

Many sources online, as well as other questions on Stack Overflow, ended up saying the same thing, set the global variables. Is there something I am forgetting or getting wrong? Thanks.

Architrave answered 23/8, 2019 at 3:15 Comment(0)
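
The listing in the question tags every key with capability flags ([SC] on the primary keys, [E] on the subkeys), and user.signingkey was first set to the ID of an [E] subkey. As an added example (not part of the original post), this script reads those flags for a given long key ID; the function names are hypothetical and the sample listing is constructed from the question's output.

```shell
#!/bin/sh
# Added example: read the capability flags that
# `gpg --list-secret-keys --keyid-format LONG` prints for a given key ID.

# Constructed sample: the second key block from the question's listing,
# uid line omitted.
SAMPLE_LISTING='sec   rsa4096/B3C88EE54DC15CC9 2019-08-23 [SC]
      87F5399E6BFEF88C1C64794CB3C88EE54DC15CC9
ssb   rsa4096/E868623210106F9D 2019-08-23 [E]'

# key_caps LISTING KEYID: print the capability letters (e.g. "SC", "E"),
# or nothing when the key ID does not appear in the listing.
key_caps() {
    printf '%s\n' "$1" | awk -v id="$2" '
        # sec/ssb rows; gpg appends # or > when the secret part is offline or on a card
        $1 ~ /^(sec|ssb)[#>]?$/ {
            split($2, part, "/")                  # part[2] is the long key ID
            if (toupper(part[2]) != toupper(id)) next
            for (i = 3; i <= NF; i++)
                if ($i ~ /^\[[A-Z]+\]$/) {        # e.g. [SC]; skips "[expires:"
                    gsub(/\[|\]/, "", $i)
                    print $i
                    exit
                }
        }'
}

# can_sign LISTING KEYID: succeed only if that key carries the S capability.
can_sign() {
    case "$(key_caps "$1" "$2")" in
        *S*) return 0 ;;
        *)   return 1 ;;
    esac
}

# report_signing_key: hypothetical helper for a real keyring; assumes
# user.signingkey holds a long key ID rather than a fingerprint or e-mail.
report_signing_key() {
    key=$(git config --get user.signingkey) || { echo "user.signingkey is not set"; return 2; }
    listing=$(gpg --list-secret-keys --keyid-format LONG 2>/dev/null)
    if can_sign "$listing" "$key"; then
        echo "$key can sign"
    else
        echo "$key has capabilities [$(key_caps "$listing" "$key")], no S flag"
        return 1
    fi
}
```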
39

That was followed in microsoft/WSL issue 4029

But in that case, it was:

My key has a passphrase but there is no prompt to enter the passphrase.

But then I read this:

Step 3 is export GPG_TTY=$(tty), which sends the prompt to tty.
After entering my passphrase, everything works.

Example: danhorst/dotfiles commit 805a779, which follows gpg failed to sign the data fatal: failed to write commit object [Git 2.10.0].


You can also refer to "How to sign your commits to GitHub using Visual Studio Code on Windows 10 and WSL2" from Christopher Hamilton.


Q3 2024, the issue 4029 mentioned before mentions:

I figured out that my problem was the ~/.gnupg/gpg-agent.conf file, in particular the line with pinentry-program, but on my host.
Removing that resolved my issue 🚀

Doubtless answered 23/8, 2019 at 4:53 Comment(4)
Can confirm this solution worked in Windows 11 – Kussell
@AbirTaheer Windows 11?! Now I have to check if I can run this: github.com/rcmaehl/WhyNotWin11 – Doubtless
Can confirm this works on Windows 10 & WSL after searching the internet for several hours, making sure the variables were set, etc. The tip off should be... if you have done everything else but are NOT prompted for your GPG passphrase, this could be your working answer. – Lentz
@Lentz I have tested it with Windows 11 since my last comment, and I no longer have access to a Windows 10. – Doubtless
18

If you are using Kleopatra to manage your GPG keys in Windows, you can add the following to your ~/.gitconfig within your WSL environment (update your path accordingly):

[gpg]
    program = /mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe

After adding this, the prompt to enter my password for my GPG key appeared as usual.

Background: Using Docker had been extremely slow for me when using mounted volumes. I decided to just deploy the repository within an Ubuntu WSL environment directory (i.e. ~/projects/my_project) and up the containers from there using Docker WSL2 support. I use Visual Studio Code so I could open the editor into the WSL environment directly and work from there. However, I lost the ability to sign my commits. Thus, the solution above allowed me to retain my existing workflow.

Amoritta answered 10/2, 2021 at 18:39 Comment(3)
I have been trying to get this working for a while. I generated my key in Kleopatra, and I was trying to sign commits in WSL2. It was using the linux gpg executable and wasn't working. This allowed me to commit on the WSL2 command line! Thanks! – Grimalkin
The solution worked for me and was the simplest, thank you. – Stanislaus
Gold for those who switch from a working Win11 environment to WSL2. Thank you – Mage
9

Follow the URL below to set up signed commits: https://help.github.com/en/articles/telling-git-about-your-signing-key

If you are still getting "gpg failed to sign the data fatal: failed to write commit object":

This is not an issue with git; it is an issue with GPG. Follow the steps below:

  1. gpg --version

  2. echo "test" | gpg --clearsign

if it is showing:

gpg: signing failed: Inappropriate ioctl for device
gpg: [stdin]: clear-sign failed: Inappropriate ioctl for device
  3. then use export GPG_TTY=$(tty)

  4. then try echo "test" | gpg --clearsign again, which should output the PGP signature.

Output:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

test
-----BEGIN PGP SIGNATURE-----

iLMEAQEKAB0WIQS2V0SFHi18psvDbo7uFF+LP7qc1gUCYLjB2QAKCRDuFF+LP7qc
1r5LBACB1m3Lpl21379qAvVamWcn9isdgdg34t34t43t34t34t434yGQHqikxWL7A5
Ls7giKZYscb30o0rkY6I1W9MjBBW96R2pnaYsioFpsf434dfg54rfdgfdgdfgdfpaIoU3k
JKrYxR7yMjqUv0a2jE+97kh+bSuzqwIkMHyikbABI90lY+4OLw==
=UHKx
-----END PGP SIGNATURE-----
  5. git config -l | grep gpg

Output:

commit.gpgsign=true
gpg.program=gpg
tag.gpgsign=true
  6. Apply git commit -S -m "initial commit 🚀🚀🚀🚀"
  7. or git config --global commit.gpgsign true

gpg failed to sign the data fatal: failed to write commit object [Git 2.10.0]

Soma answered 3/6, 2021 at 12:2 Comment(4)
Although this solves the problem, when I close my terminal and open it again, this issue comes back – Libido
After step 2. I got the error gpg: can't connect to the agent: IPC connect call failed - which meant that WSL wasn't running the gpg-agent - this answer worked for me – Foulk
Has anyone found the way to solve this without having to redo the steps every time? – Unspeakable
You can add the "export GPG_TTY=$(tty)" to the .bashrc in your home directory; after either "source .bashrc" or a restart of your Ubuntu, it should export this every time you log in, and if you add "git config --global commit.gpgsign true" then you can work with git as usual with the addition of a passphrase after commit to sign it. – Precursory
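
The clearsign test from this answer and the .bashrc suggestion from its comments, combined into one script as an added example (not part of the original answer or comments). The function names are hypothetical; the two error strings matched are the ones quoted on this page.

```shell
#!/bin/sh
# Added example: persist GPG_TTY and triage a failing `gpg --clearsign`.

# ensure_gpg_tty RCFILE: append the GPG_TTY export exactly once, so the
# setting survives new terminals; safe to run repeatedly.
ensure_gpg_tty() {
    rc=$1
    line='export GPG_TTY=$(tty)'      # single quotes: written literally
    touch "$rc"
    grep -qxF "$line" "$rc" || printf '%s\n' "$line" >> "$rc"
}

# classify_gpg_stderr TEXT: name the failure from gpg's error output.
classify_gpg_stderr() {
    case "$1" in
        *"Inappropriate ioctl for device"*) echo "no-tty" ;;
        *"can't connect to the agent"*)     echo "agent-down" ;;
        *)                                  echo "other" ;;
    esac
}

# signing_preflight: run the clearsign test outside git and explain a failure.
signing_preflight() {
    # Capture stderr only; the signed message itself is discarded.
    if err=$(echo "test" | gpg --clearsign 2>&1 >/dev/null); then
        echo "gpg can sign; git commit -S should work from this shell"
        return 0
    fi
    case "$(classify_gpg_stderr "$err")" in
        no-tty)     echo "pinentry has no terminal: run export GPG_TTY=\$(tty)" ;;
        agent-down) echo "gpg-agent is not reachable from this shell" ;;
        *)          echo "unrecognized gpg failure: $err" ;;
    esac
    return 1
}
```

Run `ensure_gpg_tty ~/.bashrc` once, open a new terminal, then call `signing_preflight` before retrying the commit.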
1

Even with export GPG_TTY=$(tty), I can't get this to work properly on WSL - while it works fine on Linux containers running on a Linux host. The pinentry window might show up on a different terminal, and even with only a single terminal this might show up garbled.

One solution, as Tan gave in https://mcmap.net/q/524814/-trying-to-sign-commits-on-git-using-gpg-on-wsl-but-does-not-work, is to use the Windows gpg.exe from GPG4Win instead. I have scripts to synchronize my GPG keyrings though, and would rather not tweak them, so ... this solution is less invasive: install GPG4Win, and use its pinentry-basic.exe (from https://blog.codeminer42.com/securing-git-commits-on-windows-10-and-wsl2/)

Enter this in ~/.gnupg/gpg-agent.conf

pinentry-program "/mnt/c/Program Files (x86)/GnuPG/bin/pinentry-basic.exe"
Oryx answered 19/4, 2024 at 3:13 Comment(0)
