Read the doc carefully and don't forget to tell git what gpg key to use.
Finally signed commit with success on Windows machine, and I happily did the same on my Ubuntu virtual machine.
However, GitHub said that the commits by my windows machine was unverified but the ones by Ubuntu was verified.
WTH? That's IMPOSSIBLE! I even copied the private keys to windows machine and without luck.
Alright. The email setting was different between two machines and GitHub requires that the email used to commit MUST equals the email (a.k.a. comment) of GPG key.
And today, when I have succeeded in signing many commits in different repos, I failed to sign this repo...
Type:
git config -lAnd I saw two user.signingkey there... Interesting ...
One is global and one is local, the local one is introduced in the early age when I configure the GPG key generated by windows locally and forgot to remove it...
Alright, damn GPG again.
When I set up gpg keys on WSL today, odd things happend again:
error: gpg failed to sign the data
fatal: failed to write commit object
> echo "test" | gpg2 --clearsign
gpg: signing failed: Inappropriate ioctl for device
gpg: [stdin]: clear-sign failed: Inappropriate ioctl for deviceGPG NEEDS A FOLLISH TTY?!
export GPG_TTY=$(tty)That solved the problem
Oh, god damn it! The first sign after start up always fail on WSL Ubuntu. Type:
echo "test" | gpg2 --clearsignagain and it shows:
gpg: WARNING: unsafe ownership on homedir '/home/ac/.gnupg'
gpg: can't connect to the agent: IPC connect call failed
gpg: can't connect to the agent: IPC connect call failed
gpg: keydb_search failed: No agent running
gpg: no default secret key: No agent running
gpg: [stdin]: clear-sign failed: No agent runningNo agent running. Just need to enable gpg-agent on start up:
echo 'eval $(gpg-agent --daemon 2>/dev/null)' >> ~/.bashrcTo fix unsafe ownership, run:
sudo chown -R $USER:$USER ~/.gnupg
sudo find ~/.gnupg -type d -exec chmod 700 {} \;
sudo find ~/.gnupg -type f -exec chmod 600 {} \;Reference: