Warning: this page is a translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow. Original URL: http://stackoverflow.com/questions/39494631/

Time: 2020-09-09 04:31:28  Source: igfitidea

gpg failed to sign the data fatal: failed to write commit object [Git 2.10.0]

git github gpg-signature

Asked by Naman

I followed a few articles on the pretty attributes in the Git 2.10 release notes. Going through them, I upgraded git to 2.10.0 and made changes to the global .gitconfig, resulting in the following -

[filter "lfs"]
    clean = git-lfs clean %f
    smudge = git-lfs smudge %f
    required = true
[user]
    name = xyz
    email = [email protected]
    signingkey = AAAAAAA
[core]
    excludesfile = /Users/xyz/.gitignore_global
    editor = 'subl' --wait
[difftool "sourcetree"]
    cmd = opendiff \"$LOCAL\" \"$REMOTE\"
    path = 
[mergetool "sourcetree"]
    cmd = /Applications/SourceTree.app/Contents/Resources/opendiff-w.sh \"$LOCAL\" \"$REMOTE\" -ancestor \"$BASE\" -merge \"$MERGED\"
    trustExitCode = true
[alias]
    lg = log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit --date=relative
[color "diff"]
    old = red strike
    new = green italic

But now that I try to sign my commits using

git commit -a -S -m "message"

I get to see the following error -

You need a passphrase to unlock the secret key for
user: "XYZ (Digitally Signed) "
2048-bit RSA key, ID AAAAAAAA, created 2016-07-01

error: gpg failed to sign the data
fatal: failed to write commit object

Note - I can still commit changes using git commit -a -m "message"

Is there a way to overcome the same? Or is any change required in the gpg configs to get along with the upgrade of git?



Update 1

Also seeking further usefulness, following 'Is there a way to "autosign" commits in Git with a GPG key?'. I've already configured the key using

git config --global user.signingkey ED5CDE14  # (with my key)
git config --global commit.gpgsign true

and quite obviously getting the same error anyway.

Answered by Andy Hayden

I ran into this issue with OSX.

Original answer:

It seems like a gpg update (of brew) changed the location of gpg to gpg1; you can change the binary where git looks up the gpg:

git config --global gpg.program gpg1

If you don't have gpg1: brew install gpg1.

Updated answer:

It looks like gpg1 is being deprecated/"gently nudged out of usage", so you probably should actually update to gpg2, unfortunately this involves quite a few more steps/a bit of time:

brew upgrade gnupg  # This has a make step which takes a while
brew link --overwrite gnupg
brew install pinentry-mac
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
killall gpg-agent

The first part installs gpg2, and the latter is a hack required to use it. For troubleshooting, see this answer (though that is about linux not brew), it suggests a good test:

echo "test" | gpg --clearsign  # on linux it's gpg2 but brew stays as gpg

If this test is successful (no error/output includes PGP signature), you have successfully updated to the latest gpg version.

You should now be able to use git signing again!
It's worth noting you'll need to have:

git config --global gpg.program gpg  # perhaps you had this already? On linux maybe gpg2
git config --global commit.gpgsign true  # if you want to sign every commit

Note: After you've run a signed commit, you can verify it was signed with:

git log --show-signature -1

which will include gpg info for the last commit.

Answered by Koraktor

If gnupg2 and gpg-agent 2.x are used, be sure to set the environment variable GPG_TTY.

export GPG_TTY=$(tty)

See GPG's documentation about common problems.

Answered by Bombe

If everything fails, use GIT_TRACE=1 to try and see what git is actually doing:

$ GIT_TRACE=1 git commit -m "Add page that always requires a logged-in user"
20:52:58.902766 git.c:328               trace: built-in: git 'commit' '-vvv' '-m' 'Add page that always requires a logged-in user'
20:52:58.918467 run-command.c:626       trace: run_command: 'gpg' '--status-fd=2' '-bsau' '23810377252EF4C2'
error: gpg failed to sign the data
fatal: failed to write commit object

Now run the failing command manually:

$ gpg -bsau 23810377252EF4C2
gpg: skipped "23810377252EF4C2": Unusable secret key
gpg: signing failed: Unusable secret key

Turns out, my key was expired, git was not to blame.
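
The expired-key case in the answer above can be checked before committing. This is an added example, not part of the original answer: it reads `gpg --list-secret-keys --with-colons` output and reports whether the primary key named by user.signingkey is usable. The function name `key_status` and the sample listing are constructed for illustration, and dates are assumed to be epoch seconds (the GnuPG 2.x format).

```shell
#!/usr/bin/env bash
# Added example: is the key that git hands to `gpg -bsau` still able to sign?
# Only the primary key (sec record) is checked, not signing subkeys.

# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# Key IDs, fingerprint hashes and dates are made up (dates are epoch seconds).
SAMPLE_LISTING='sec:e:2048:1:AAAAAAAAAAAAAAA1:1467331200:1498867200::u:::scESC:::+:::23::0:
uid:e::::1467331200::0000000000000000000000000000000000000001::XYZ (expired) <xyz@example.com>::::::::::0:
sec:u:4096:1:BBBBBBBBBBBBBBB2:1577836800:1700000000::u:::scESC:::+:::23::0:
uid:u::::1577836800::0000000000000000000000000000000000000002::XYZ (current) <xyz@example.com>::::::::::0:'

# key_status KEYID NOW   (listing on stdin)
# Prints one of: usable | expired | revoked | missing
# Field 2 = validity flag, field 5 = long key ID, field 7 = expiry time.
key_status() {
  awk -F: -v want="$1" -v now="$2" '
    BEGIN { want = toupper(want); status = "missing" }
    $1 == "sec" && want != "" {
      id = toupper($5)
      # Accept the long ID or a short ID that is a suffix of it.
      if (length(want) <= length(id) &&
          substr(id, length(id) - length(want) + 1) == want) {
        if ($2 == "r")                      status = "revoked"
        else if ($2 == "e")                 status = "expired"
        else if ($7 != "" && $7 + 0 <= now) status = "expired"
        else                                status = "usable"
        exit
      }
    }
    END { print status }'
}

# Live check against the real keyring: run the script with --live
if [ "${1:-}" = "--live" ]; then
  gpg --list-secret-keys --with-colons |
    key_status "$(git config user.signingkey)" "$(date +%s)"
fi
```

The expiry timestamp is compared as well as the validity flag, so a key whose expiry date has passed is reported even when the listing being examined is stale.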

Answered by Shayan Amani

I've DONE it through this short and easy recipe:

Auto-sign commits on macOS (Globally and with different IDEs):

Get your signingkey in this way.

brew install gnupg gnupg2 pinentry-mac
git config --global user.signingkey <YOUR_SIGNING_KEY>
git config --global commit.gpgsign true
git config --global gpg.program gpg

Put the following in the gpg.conf file (edit the file with the nano ~/.gnupg/gpg.conf command):

no-tty

Put the following in the gpg-agent.conf file (edit the file with the nano ~/.gnupg/gpg-agent.conf command):

pinentry-program /usr/local/bin/pinentry-mac

Update:

You might need to execute the killall gpg-agent command after editing the configuration file, gpg.conf, according to the comments. As the self-explanatory command says, this command will terminate the GPG (Gnu Privacy Guard) agent.

Answered by MaximKostrikin

It may help to kill the gpg-agent process, which might be stuck with old data, so that a newly started gpg-agent would ask for the password.

Answered by jayesh

Follow the URL below to set up signed commits: https://help.github.com/en/articles/telling-git-about-your-signing-key

If you are still getting "gpg failed to sign the data fatal: failed to write commit object",

this is not an issue with git, it is with GPG; follow the steps below:

  1. gpg --version

  2. echo "test" | gpg --clearsign

if it is showing:

gpg: signing failed: Inappropriate ioctl for device
gpg: [stdin]: clear-sign failed: Inappropriate ioctl for device

  3. then use export GPG_TTY=$(tty)

  4. then again try echo "test" | gpg --clearsign in which the PGP signature is obtained.

  5. git config -l | grep gpg

gpg.program=gpg
commit.gpgsign=true

  6. apply git commit -S -m "commitMsz"

Answered by Gent Berani

To anybody who is facing this issue on MacOS machines, try this:

  1. brew uninstall gpg
  2. brew install gpg2
  3. brew install pinentry-mac (if needed)
  4. gpg --full-generate-key (Create a key by using an algorithm.)
  5. Get the generated key by executing: gpg --list-keys
  6. Set the key here: git config --global user.signingkey <Key from your list>
  7. git config --global gpg.program /usr/local/bin/gpg
  8. git config --global commit.gpgsign true
  9. If you want to export your key to GitHub then: gpg --armor --export <key> and add this key to GitHub at GPG keys: https://github.com/settings/keys (with START and END line included)

If the issue still exists:

test -r ~/.bash_profile && echo 'export GPG_TTY=$(tty)' >> ~/.bash_profile

echo 'export GPG_TTY=$(tty)' >> ~/.profile

If the issue still exists:

Install https://gpgtools.org and sign the key that you used by pressing Sign from the menu bar: Key->Sign

If the issue still exists:

Go to your global .gitconfig file, which in my case is at /Users/gent/.gitconfig, and modify the .gitconfig file (please make sure Email and Name are the same as the ones that you created while generating the key):

[user]
 email = [email protected]
 name = Gent
 signingkey = <YOURKEY>
[gpg]
 program = /usr/local/bin/gpg
[commit]
 gpsign = true
 gpgsign = true
[filter "lfs"]
 process = git-lfs filter-process
 required = true
 clean = git-lfs clean -- %f
 smudge = git-lfs smudge -- %f
[credential]
 helper = osxkeychain

Answered by George Daramouskas

My two cents here:

When you create and add a key to gpg-agent you define something called a passphrase. Now that passphrase at some point expires, and gpg needs you to enter it again to unlock your key so that you can start signing again.

When you use any other program that interfaces with gpg, gpg's prompt to you to enter your passphrase does not appear (basically gpg-agent when daemonized cannot possibly show you the input dialog in stdin).

One of the solutions is gpg --sign a_file.txt, then enter the passphrase that you entered when you created your key, and then everything should be fine (gpg-agent should automatically sign)

See this answer on how to set longer timeouts for your passphrase so that you do not have to do this all the time.

Or you can completely remove the passphrase with ssh-keygen -p

Edit: Do a man gpg-agent to read some stuff on how to have the above happen automatically and add the lines:

GPG_TTY=$(tty)
export GPG_TTY

on your .bashrc if you are using bash (this is the correct answer but I am keeping my train of thought above as well)

Answered by VonC

Update Oct. 2016: issue 871 did mention "Signing stopped working in Git 2.9.3"

Git for Windows 2.10.1 released two days ago (Oct. 4th, 2016) has fixed Interactive GPG signing of commits and tag.

the recent gpg-sign change in git (which introduces no problem on Linux) exposes a problem in the way in which, on Windows, non-MSYS2-git interacts with MSYS2-gpg.



Original answer:

Reading "7.4 Git Tools - Signing Your Work", I assume you have your "user.signingkey" configuration set.

The last big refactoring (before Git 2.10) around gpg was in commit 2f47eae2a, here that error message was moved to gpg-interface.c

A log on that file reveals the recent change in commit af2b21e (Git 2.10)

gpg2 already uses the long format by default, but most distributions seem to still have "gpg" be the older 1.x version due to compatibility reasons. And older versions of gpg only show the 32-bit short ID, which is quite insecure.

This doesn't actually matter for the verification itself: if the verification passes, the pgp signature is good.
But if you don't actually have the key yet, and want to fetch it, or you want to check exactly which key was used for verification and want to check it, we should specify the key with more precision.

So check how you specified your user.signingkey configuration, and the version of gpg you are using (gpg1 or gpg2), to see if those have any effect on the error message.

There is also commit 0581b54 which changes the condition for the "gpg failed to sign the data" error message (in complement to commit 0d2b664):

We don't read from stderr at all currently. However, we will want to in a future patch, so this also prepares us there (and in that case gpg does write before reading all of the input, though again, it is unlikely that a key uid will fill up a pipe buffer).

Commit 4322353 shows gpg now uses a temporary file, so there could be right issues around that.

Let's convert to using a tempfile object, which handles the hard cases for us, and add the missing cleanup call.

Answered by phyatt

The git trace was very revealing for my situation...

   GIT_TRACE=1 git commit -m "a commit message"
   13:45:39.940081 git.c:344               trace: built-in: git commit -m 'a commit message'
   13:45:39.977999 run-command.c:640       trace: run_command: gpg --status-fd=2 -bsau 'full name <[email protected]>'
   error: gpg failed to sign the data
   fatal: failed to write commit object

I needed to generate an initial key per the format that git was checking against. It's best to copy the value passed to -bsau above in the logs as is and use below.

So it becomes,

   gpg --quick-generate-key "full name <[email protected]>"

Then it worked.

Hope that helps.

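
The mismatch described in the answer above, worked through as an added example that is not part of the original answer: it pulls the identity that follows -bsau out of a GIT_TRACE=1 log in both quoting styles shown on this page, then checks it against gpg's user IDs the way gpg's default lookup does (case-insensitive substring). The function names, the example.com address and the key listing are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: recover the signer identity git handed to gpg from a
# GIT_TRACE=1 log, then test whether any secret key's user ID matches it.

# Trace lines in the two quoting styles shown on this page
# (the e-mail address in TRACE_NEW is constructed).
TRACE_OLD="20:52:58.918467 run-command.c:626       trace: run_command: 'gpg' '--status-fd=2' '-bsau' '23810377252EF4C2'"
TRACE_NEW="13:45:39.977999 run-command.c:640       trace: run_command: gpg --status-fd=2 -bsau 'full name <full.name@example.com>'"

# Constructed `gpg --list-secret-keys --with-colons` excerpt: the only
# user ID carries a comment, so it does not contain git's exact string.
LISTING='sec:u:4096:1:CCCCCCCCCCCCCCC3:1577836800:::u:::scESC:::+:::23::0:
uid:u::::1577836800::0000000000000000000000000000000000000003::full name (work) <full.name@example.com>::::::::::0:'

# signer_from_trace: trace on stdin -> the argument that follows -bsau
signer_from_trace() {
  awk '
    /trace: run_command:/ && match($0, /-bsau.? +/) {
      q = "\047"                                  # a single quote
      rest = substr($0, RSTART + RLENGTH)
      if (substr(rest, 1, 1) == q) {              # quoted argument
        rest = substr(rest, 2)
        i = index(rest, q); if (i) rest = substr(rest, 1, i - 1)
      } else sub(/[ \t].*$/, "", rest)            # bare word
      print rest; exit
    }'
}

# uid_matches SIGNER   (listing on stdin) -> yes | no
# Field 10 of a uid record is the user ID string.
uid_matches() {
  awk -F: -v want="$1" '
    $1 == "uid" && index(tolower($10), tolower(want)) { found = 1 }
    END { print (found ? "yes" : "no") }'
}
```

With the constructed listing, the string git passes is not a substring of the stored user ID because of the "(work)" comment, so the lookup fails even though a key for that e-mail address exists; setting user.signingkey to the key ID avoids depending on the name and e-mail match.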