gpg: skipped "N": secret key not available

Asked 8/2, 2017 at 15:38 Answered 18/12, 2022 at 9:42

1. Summary

I can not begin to use Gpg4win.

2. Expected behavior

Successfully commits.

3. Actual behavior

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git commit -m "[Test] gpg4win"
gpg: skipped "DBA8E7A2": secret key not available
gpg: signing failed: secret key not available
error: gpg failed to sign the data
fatal: failed to write commit object

4. Steps to reproduce

1. Set

I install Gpg4win → I set Gpg4win as in this and this answers:

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ gpg --list-key
gpg: keyring `C:/Users/SashaChernykh/AppData/Roaming/gnupg/pubring.gpg' created
gpg: C:/Users/SashaChernykh/AppData/Roaming/gnupg/trustdb.gpg: trustdb created

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ gpg --gen-key
gpg (GnuPG) 2.0.30; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: keyring `C:/Users/SashaChernykh/AppData/Roaming/gnupg/secring.gpg' created
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Sasha Chernykh
Email address: [email protected]
Comment: gpg key for Sasha Chernykh
You selected this USER-ID:
    "Sasha Chernykh (gpg key for Sasha Chernykh) <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key DBA8E7A2 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   2048R/DBA8E7A2 2017-02-08
      Key fingerprint = B4F2 6F1B 876F 980E 1C99  BA16 9A72 4724 DBA8 E7A2
uid       [ultimate] Sasha Chernykh (gpg key for Sasha Chernykh) <[email protected]>
sub   2048R/95232DD5 2017-02-08

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git config --global user.signingkey DBA8E7A2

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ gpg --list-keys
C:/Users/SashaChernykh/AppData/Roaming/gnupg/pubring.gpg
--------------------------------------------------------
pub   2048R/DBA8E7A2 2017-02-08
uid       [ultimate] Sasha Chernykh (gpg key for Sasha Chernykh) <[email protected]>
sub   2048R/95232DD5 2017-02-08

2. GitHub account

I add my GPG key to my GitHub account as write in this and this articles.

GitHub account

3. Commit

Now I try to make a commit to my test remote GitHub repository.

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git add .

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git commit -m "[Test] gpg4win"
gpg: skipped "DBA8E7A2": secret key not available
gpg: signing failed: secret key not available
error: gpg failed to sign the data
fatal: failed to write commit object

What I do wrong?

5. Not helped

GPG key in long format as write in this article:

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ gpg --list-secret-keys --keyid-format LONG
C:/Users/SashaChernykh/AppData/Roaming/gnupg/secring.gpg
--------------------------------------------------------
sec   2048R/9A724724DBA8E7A2 2017-02-08
uid                          Sasha Chernykh (gpg key for Sasha Chernykh) <[email protected]>
ssb   2048R/7CCD6FC495232DD5 2017-02-08


SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git config --global user.signingkey 9A724724DBA8E7A2

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git commit -m "[Test] gpg4win"
gpg: skipped "9A724724DBA8E7A2": secret key not available
gpg: signing failed: secret key not available
error: gpg failed to sign the data
fatal: failed to write commit object

6. Environment

Operating system and version:
Windows 10 Enterprise LTSB 64-bit EN
git:
version 2.11.1.windows.1
gpg:
(GnuPG) 2.0.30 (Gpg4win 2.3.3)

Simoniac answered 8/2, 2017 at 15:38 Comment(0)

1. Demonstration

Verified key

2. Solution

I must be manually set path to gpg2 in git settings.

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ where gpg2
C:\Program Files (x86)\GNU\GnuPG\pub\gpg2.exe

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git config --global gpg.program "C:/Program Files (x86)/GNU/GnuPG/gpg2.exe"

Now I can make successful commit:

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git commit -m "[Test] gpg4win"

You need a passphrase to unlock the secret key for
user: "Sasha Chernykh (gpg key for Sasha Chernykh) <[email protected]>"
2048-bit RSA key, ID DBA8E7A2, created 2017-02-08

[master 1321c09] [Test] gpg4win
 2 files changed, 8 insertions(+), 1 deletion(-)
 create mode 100644 desktop.ini

SashaChernykh@DESKTOP-EEOT0TN D:\SashaGitHub
$ git push
Counting objects: 4, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 817 bytes | 0 bytes/s, done.
Total 4 (delta 0), reused 0 (delta 0)
To https://github.com/Kristinita/SashaGitHub.git
   a2aec74..1321c09  master -> master

Simoniac answered 8/2, 2017 at 16:26 Comment(5)

In case anyone has this problem and is using GnuPgp the steps outlined above work as well, the path is just slightly different at C:\Program Files (x86)\GnuPG\bin\gpg.exe – Mystique 14/3, 2019 at 3:41

This was confusing. I would expect git not to be able to find gpg.exe without the path. I've seen those answers but it didn't make sense to add the path, but yes it does work this way. – Bolter 15/3, 2019 at 14:59

@PawelCioch That's because Git has its own gpg.exe and it uses that one by default. – Ephemerality 25/2, 2020 at 18:40

I have same issue as the question but the solution provided doesn't help? – Hypochondria 14/10, 2020 at 18:8

I have the same question. Looks like it happens by reason of gpg is not installed to git's default path. I tried this article and I successful. – Doublure 13/6, 2021 at 9:34

Setting up GPG keys with Git on Windows can be more difficult to configure than on Mac OS or Linux. Here’s how to set it up.

Download and install GPG4Win
Create a GPG key using this GitHub guide.
Next, open up a new Powershell window and run where.exe gpg to get the exact location of the GPG program installed withGPG4Win.
Take the output from the previous command and put it into: git config --global gpg.program [PATH_HERE], (Make sure to replace ”PATH_HERE” with output from previous command).

Great! Now you have configured your GPG key and told Git what program to use to open it.

Before you can commit, you need to tell Git that this project uses a GPG key for code signing.

First, force Git to sign all commits in this project: git config --local commit.gpgsign true
Then, get the ID of your GPG key: gpg --list-secret-keys --keyid-format LONG.
Add that ID from above to your Git config: git config --local user.signingkey "[GPG_KEY]", (Make sure to replace “GPG_KEY” with the ID from your GPG key in the previous command)

Now that the project is configured to use GPG keys to sign code, you can commit code like normal!

Lunneta answered 18/12, 2022 at 9:42 Comment(0)