When decrypting I get following error:
$ eyaml decrypt -s 'ENC and the key goes on here'
.gnupg --quiet --no-secmem-warning --no-permission-warning --no-tty --yes --decrypt)
failed with: gpg: Sorry, no terminal at all requested - can't get input
I have checked my keys, everything is in order. At this point I am out of options.
If you configured Automatic Git commit signing with GPG on macOS and you see this error comment out no-tty in ~/.gnupg/gpg.conf as suggested by Fahl-Design.
This will also allow you to generate new GPG keys following the GitHub instructions for new keys.
You need to remove the option --no-tty
--no-tty
Make sure that the TTY (terminal) is never used for any output. This option is needed in some cases because GnuPG sometimes
prints warnings to the TTY even if --batch is used.
For those who are encountering this error from scripts that are running with no TTY available, adding --batch to the GPG command line, or batch to a line in ~/.gnupg/gpg.conf can make the problem go away.
I had to update my git email so that it matched the email on my gpg key and the primary email on my Github.
$ git config --global user.email "myemailaddress#gmail.com"
Related
I want to sign commit with gpg in linux , In windows i can sign , but in linux I have problem . I searched for this error in stackoverflow and github , but they cant solve my problem.
Gpg Error
error: gpg failed to sign the data
fatal: failed to write commit object
.gitconfig
[user]
signingkey = 18BCF98498084997
name = Ali Azmoodeh
email = treeroot.ir#gmail.com
[commit]
gpgsign = true
[gpg]
program = gpg2
I use clion ide to commit my project
Input
git -c credential.helper= -c core.quotepath=false -c log.showSignature=false add --ignore-errors -A -f -- .idea/.gitignore CMakeLists.txt .gitignore .idea/first.iml .idea/modules.xml .idea/misc.xml main.cpp
next
git -c credential.helper= -c core.quotepath=false -c log.showSignature=false commit -F /tmp/git-commit-msg-.txt --
Output
error: gpg failed to sign the data
fatal: failed to write commit object
Then I run this command
gpg --status-fd=2 -bsau 18BCF98498084997
Output
gpg: skipped "18BCF98498084997": No secret key
[GNUPG:] INV_SGNR 9 18BCF98498084997
[GNUPG:] FAILURE sign 17
gpg: signing failed: No secret key
So, I open this location on clion Setting> Git> Configure GPG Key
Error
Cant find suitable private key
Error ScreenShot
Follow the instructions over at this link. It appears that CLion is not able to find the appropriate private key for the specified public key.
In ~/.ssh I have github and bitbucket private key files. Both are encrypted, so when I ssh-add ~/.ssh/github I have to enter a password.
I have a bash script to automate git commands. If the github and/or bitbucket identities have NOT been added yet, then I want to ssh-add them.
I'm looking for a function like:
has_identity_been_added ~/.ssh/github
To simply check if the private, encrypted key file has been added.
I found:
ssh-add -l prints out a string of text for each identity... and I don't know what it is, but it's not the key file name
ssh-add -L prints the public key, which I'm not storing on my local machine, so I'm not sure how to verify against it, without asking for the private key file's password again.
Both of those print the name I gave to the key file like reed#laptop-x1834 (I think that was the automatic name, cause I didn't specify -C in the ssh-keygen, if memory serves).
I'm not sure where to go from here. I don't want to rely upon the ssh-keygen -C "whatever_name".
ssh-add -l print out fingerprint of the keys added.
You can get the fingerprint of a public key with :
ssh-keygen -l -f id_rsa.pub
I generated
gpg --gen-key
and downloaded repo to create a local repository. I am trying to
rpm --addsign <path to rpm file>
Example:
rpm --addsign foo.rpm
foo.rpm:
error: Could not exec gpg: No such file or directory
when I checked:
# rpm --checksig foo.rpm
foo.rpm: digests SIGNATURES NOT OK
I am pretty sure that I have followed the procedure correctly, but not sure why is it showing this.
Can anyone suggest?
Regards,
Tayto
Something on your machine is non-standard.
You can put in your ~/.rpmmacros file:
%_signature gpg
%_gpg_path /home/foo/.gnupg
%_gpg_name Your Company
%_gpgbin /usr/bin/gpg2
%__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --batch --verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} --digest-algo sha256 %{__plaintext_filename}'
You probably need only one of those lines. I would bet on %_gpg_path, but it can be any other, which needs to be altered.
And do not forget to:
rpm --import your.public.gpg
Otherwise --checksig will not work.
How to know the SSH key's length?
I'm getting the following error for my git pull just recently,
$ git pull
> GitLab: Your SSH key must be at least 2048 bits.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
where everything had been working fine before.
Instead of guessing (or trial-n-error) which key is the culprit, is it possible to list all my SSH keys' length?
UPDATE:
Only git pull is giving me above error. I.e., my public key is still fine:
$ ssh -T git#salsa.debian.org
Welcome to GitLab, #myid-guest!
The ssh-keygen -lf might not be the answer, as I'm following https://docs.gitlab.com/ee/ssh/, who recommends to use ed25519 as default key, and who also instructs that, to generate a new ED25519 SSH key pair, do ssh-keygen -t ed25519 -C "email#example.com". However, my ssh-keygen -lf reports that
$ ssh-keygen -lf id_ed25519.pub
256 SHA256:PO2bk6B...
It is unlikely that the recommend ED25519 SSH key is only 256 bits long.

Can you try
ssh-keygen -lf keygen.pub
You might have accidentally deleted the public key that Gitlab uses to authenticate you.
I would recommend contacting them, otherwise look up into it.
I am very annoyed with the GPG encryption process in the Linux terminal, I encrypt files with GPG from the terminal with the following command:
gpg --output file_out --symmetric --cipher-algo AES256 file_in
This command has been recommended here since GPG is a reliable encryption package.
The problem is that after enter the password and encrypt the file, the password doesn't get deleted. So anyone who has access to the PC can decrypt this file, and it doesn't get deleted only after I restart the computer.
So if I enter the decryption command right after:
gpg --output file_in --decrypt file_out
It will give this message
gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase
And it will decrypt this automatically. So the password is stored somewhere and it doesn't get deleted until I restart the computer.
Is there any way to clear/wipe the password right after the encryption is finished?
Simply reloading gpg-agent (instead of killing it) clears its passphrase cache. It exists different methods to reload gpg-agent:
echo RELOADAGENT | gpg-connect-agent
gpgconf --reload gpg-agent
pkill -SIGHUP gpg-agent
Passphrase is saved by gpg-agent. GPG tools like gpg start it automatically.
Use gpgconf --kill gpg-agent to stop agent.
Alternatively, you can add --no-symkey-cache option, which disable the passphrase cache used for symmetrical encryption and decryption.
gpg --no-symkey-cache --output file_out --symmetric --cipher-algo AES256 file_in
something like that.