I use saltstack to manage my system, and i’ve setup my gpg server and gpg client vm according the docs.
My gitconfig contains this regarding gpg:
[user]
...
signingkey = C1E78CE601392ABCC49072A0B204131BB15B20FE
...
[gpg]
format = openpgpg
[commit]
gpgsign = true
[tag]
gpgsign = true
...
gpg -K correctly prints my key, however i get this warning:
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.7)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: problem with fast path key listing: IPC parameter error - ignored
...
// then follos the expected output
When trying to sign commits, i get this:
error: gpg failed to sign the data:
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.7)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: problem with fast path key listing: IPC parameter error - ignored
[GNUPG:] KEY_CONSIDERED C1E78CE601392ABCC49072A0B204131BB15B20FE 2
[GNUPG:] BEGIN_SIGNING H10
gpg: signing failed: No secreted key
[GNUPG:] FAILURE sign 67108881
gpg: signing failed: No secreted key
fatal: failed to write commit objects
Edit:
signing a normal .txt also fails:
gpg: WARNING: server 'gpg-agent' is older than us (2.2.40 < 2.4.7)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: problem with fast path key listing: IPC parameter error - ignored
gpg: signing failed: No secret key
gpg: signing failed: No secret key
Both when trying to sign a commit message and if i try to sign the file i get a popup asking me if I want to allow it:
split-gpg2: '<client-qube>' wants to execute PKSIGN. Do you want to allow this?
When trying to sign something inside my gpg server, it works.