GPG signing git commits without graphical user interface
GPG signing git commits is neat, but appears to require a graphical interface by default. Here’s a way around it.
If you like to sign your git commits with a GPG key to verify your authorship of them, you can use these guides on GitHub:
- Generating a new GPG key
- Signing commits
- Telling Git about your signing key
- If using GitHub: Adding a new GPG key to your GitHub account - GitHub shows a neat “verified” badge by every commit of yours signed this way when you’ve set this up, much like on commits you make on the GitHub website.
If you follow these, roughly in order, you’ll be set up to sign each commit you make.
I’ve gone through this setup on both Ubuntu 18.04 and Arch Linux. With default settings, both of them show a password prompt using the graphical user interface. On occasion, I like to use my desktop computer remotely, usually through SSH. I don’t have access to the GUI then, which makes signing a commit impossible.
Setting GPG up for password entry in the terminal fixes this.
In ~/.gnupg/, add or edit gpg.conf, and ensure the following is in it:
use-agent
pinentry-mode loopback
use-agent tells GPG to keep unlocked private keys in memory, meaning you don’t have to enter your GPG key’s password for each and every commit. Generally, if you open a new terminal and then try to sign a commit, it will ask again, though.
pinentry-mode loopback ensures pin entry queries are redirected to the caller. I won’t pretend I understand exactly what that means.
In ~/.gnupg, add or edit gpg-agent.conf and add the following:
allow-loopback-pinentry
This is required along with pinentry-mode loopback.
After making these changes, run the following to reload this configuration:
$ echo "RELOADAGENT" | gpg-connect-agent
You should now be all set.
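The steps above as one idempotent script, added here as an example and not part of the original post. The function names set_option, configure_loopback and reload_agent, the --apply switch and the file name setup.sh are assumptions of this example; an existing conflicting line (such as a different pinentry-mode) is replaced rather than duplicated.

```shell
#!/bin/sh
# Added example, not from the original post. Helper names are hypothetical.

# set_option FILE KEYWORD [VALUE]
# Leave exactly one "KEYWORD [VALUE]" line in FILE. Any existing line that sets
# the same keyword (e.g. "pinentry-mode ask") is replaced, so re-running is safe.
set_option() {
    file=$1 key=$2 value=${3:-}
    touch "$file"
    tmp=$(mktemp "$file.XXXXXX") || return 1
    # Keep every line whose first word is not KEYWORD (comments included).
    awk -v k="$key" '$1 != k' "$file" > "$tmp"
    printf '%s\n' "$key${value:+ $value}" >> "$tmp"
    chmod 600 "$tmp"            # config files stay private to the user
    mv "$tmp" "$file"
}

# configure_loopback DIR: write the three options from the steps above.
configure_loopback() {
    mkdir -p "$1" && chmod 700 "$1" || return 1
    set_option "$1/gpg.conf" use-agent
    set_option "$1/gpg.conf" pinentry-mode loopback
    set_option "$1/gpg-agent.conf" allow-loopback-pinentry
}

# reload_agent DIR: same RELOADAGENT command as above; skipped without GnuPG.
reload_agent() {
    command -v gpg-connect-agent >/dev/null 2>&1 || return 0
    echo RELOADAGENT | GNUPGHOME=$1 gpg-connect-agent >/dev/null
}

# Only touch the real GnuPG home when asked to, e.g.: sh setup.sh --apply
if [ "${1:-}" = "--apply" ]; then
    home=${GNUPGHOME:-$HOME/.gnupg}
    configure_loopback "$home" && reload_agent "$home"
fi
```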
Credits
The following blog post helped me after I tried some different approaches and started hitting the error mentioned in it: