Git/Github: Add GPG Key to Git and Gitlab in Windows

Let's see how to set up GPG keys for GitLab, GitHub and Git, and how to troubleshoot some common problems.


This article is a continuation of How To Manage Multiple GitHub Accounts In VSCode Using SSH Keys | One-Time Process.

But some projects also require you to set up GPG keys. And after following the normal procedure for setting up GPG keys from :

You may face some errors while making signed commits from the terminal, so this article will help you with that. I also faced this error, so I want to share my research through this article. Hope it will help you!


Step 1: Install GPG

  1. Download and install Gpg4win from the official website.
  2. Ensure gpg is available in your PATH. You can verify this by opening a terminal (Git Bash or Command Prompt) and typing:
gpg --version

Step 2: Generate a GPG Key

  1. Generate the GPG key:
gpg --full-generate-key

2. Follow the prompts:

  • Select the key type (RSA and RSA).
  • Choose the key size (e.g., 4096).
  • Set the key expiration (e.g., 0 for never).
  • Enter your name and email address.
  • Provide a passphrase for your key.

3. List your GPG keys to get the key ID:

gpg --list-secret-keys --keyid-format LONG

4. You should see an output similar to this:

/path/to/your/keyring
---------------------------------
sec   rsa4096/ABCDEF1234567890 2024-01-01 [SC]
      ABCDEF1234567890ABCDEF1234567890ABCDEF12
uid                 [ultimate] Your Name <you@example.com>

Here, ABCDEF1234567890 is your key ID.

Step 3: Export Your GPG Public Key

  1. Export the public key:
gpg --armor --export ABCDEF1234567890

2. Copy the output for use in GitLab or other services.

Step 4: Add Your GPG Key to GitLab

  1. Log in to GitLab.
  2. Go to your user settings.
  3. Navigate to the GPG keys section.
  4. Add a new GPG key: Paste the exported public key and click “Add key”.

Step 5: Configure Git to Use Your GPG Key

  1. Set the GPG signing key:
git config --global user.signingkey ABCDEF1234567890

2. Ensure Git uses GPG for signing commits:

git config --global commit.gpgSign true

3. Configure Git to find the GPG program:

git config --global gpg.program "C:/Program Files (x86)/GnuPG/bin/gpg.exe"

Step 6: Troubleshooting

If you encounter the “No secret key” error

gpg: skipped "name <name@mail.com>": secret key not available 
gpg: signing failed: secret key not available 
error: gpg failed to sign the data 
fatal: failed to write commit object

Then try the following:

  1. Open a terminal or CLI on your machine.
  2. Ensure the GPG agent is running:
gpg-connect-agent reloadagent /bye

3. Configure GPG to use loopback for pinentry:

  • Edit gpg.conf: Open C:\Users\<YourUsername>\AppData\Roaming\gnupg\gpg.conf (create the file if it doesn't exist) and add these two lines:
use-agent
pinentry-mode loopback
  • Edit gpg-agent.conf: Open C:\Users\<YourUsername>\AppData\Roaming\gnupg\gpg-agent.conf (create the file if it doesn't exist) and add:
allow-loopback-pinentry
  • Restart the GPG agent:
gpgconf --kill gpg-agent

4. Verify the GPG key configuration:

gpg --list-secret-keys --keyid-format LONG

5. Make sure the key ID matches what you have configured in Git.

Step 7: Test GPG Signing with Git

  1. Create a test repository:
mkdir test-gpg
cd test-gpg
git init

2. Create a test file and commit it with a GPG signature:

echo "Test GPG signing" > test.txt
git add test.txt
git commit -S -m "Test GPG signing"

Troubleshooting

If you encounter the “No secret key” error, try the following:

  1. Ensure the GPG agent is running:
gpg-connect-agent reloadagent /bye

2. Verify the GPG key configuration:

gpg --list-secret-keys --keyid-format LONG

3. Ensure the key ID matches what you have configured in Git.
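
The key ID comparison in Step 6 and in the list above can be scripted. The following is an added example, not part of the original article: a Git Bash function (the names check_signing_key and sample_listing are hypothetical) that reads gpg's --with-colons listing and reports whether the value stored in user.signingkey names a secret key that can sign. It assumes user.signingkey holds a hex key ID or fingerprint, and the sample listing is constructed from the placeholder key shown in Step 2.

```shell
# Added example (not from the original article). Names are hypothetical.
# Reads `gpg --list-secret-keys --with-colons` output on stdin and checks the
# key named in Git's user.signingkey ($1: long key ID or fingerprint, hex).
# Exit status: 0 = secret key present and able to sign
#              1 = no matching secret key (the "No secret key" case)
#              2 = key present but expired, revoked or without signing capability
check_signing_key() {
  # Normalise: drop a 0x prefix and spaces, upper-case the hex digits.
  want=$(printf '%s' "${1#0x}" | tr -d ' ' | tr 'abcdef' 'ABCDEF')
  awk -F: -v want="$want" '
    function hit() {
      found = 1
      # field 2 = validity (e = expired, r = revoked); field 12 = capabilities
      if (validity !~ /[er]/ && caps ~ /[sS]/) usable = 1
    }
    $1 == "sec" || $1 == "ssb" {
      validity = $2; caps = $12
      if ($5 == want) hit()          # field 5 = 16-hex long key ID
      next
    }
    $1 == "fpr" {                    # field 10 = fingerprint of the key above
      n = length(want)
      if (n >= 16 && substr($10, length($10) - n + 1) == want) hit()
    }
    END { if (usable) exit 0; if (found) exit 2; exit 1 }
  '
}

# Constructed sample listing: the placeholder key from Step 2 plus an
# encryption-only subkey (capability "e"), so this runs without a keyring.
sample_listing() {
  cat <<'EOF'
sec:u:4096:1:ABCDEF1234567890:1704067200:::u:::scESC:::+:::23::0:
fpr:::::::::ABCDEF1234567890ABCDEF1234567890ABCDEF12:
uid:u::::1704067200::0000000000000000000000000000000000000000::Your Name <you@example.com>::::::::::0:
ssb:u:4096:1:1111222233334444:1704067200::::::e:::+:::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
EOF
}

# Real use, with the same gpg binary that gpg.program points to:
#   gpg --list-secret-keys --with-colons |
#     check_signing_key "$(git config --global user.signingkey)"; echo "status $?"
```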

Following these command-line steps will ensure your GPG key is generated, configured, and properly used for signing Git commits on Windows.