You are not logged in.

#1 2017-06-11 18:02:35

KarlKori
Member
Registered: 2016-04-16
Posts: 16

gpg --recv-keys hangs

Hello,

I've read all related topics to this problem, but can't find a proper solution for this.

Example:
$ sudo pkill -9 dirmngr; sudo dirmngr -vvv --debug-all --daemon --standard-resolver --homedir /etc/pacman.d/gnupg --log-file ~/dirmngr_trace.log

dirmngr[16872]: reading options from '/etc/pacman.d/gnupg/dirmngr.conf'
dirmngr[16872]: enabled debug flags: x509 crypto memory cache memstat hashing ipc dns network lookup extprog
DIRMNGR_INFO=/run/user/1000/gnupg/d.334bwnth1rdtw8g6yq3rxprb/S.dirmngr:16873:1; export DIRMNGR_INFO;

$ gpg --debug-all --recv-keys <KEY>

gpg: reading options from '<MY_HOME>/.gnupg/gpg.conf'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_3 <- # Home: <MY_HOME>
gpg: DBG: chan_3 <- # Config: <MY_HOME>/.gnupg/dirmngr.conf
gpg: DBG: chan_3 <- OK Dirmngr 2.1.21 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.1.21
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KEYSERVER --clear hkp://pgp.mit.edu:11371
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KS_GET -- 0xF54984BFA16C640F
gpg: DBG: chan_3 <- S PROGRESS tick ? 0 0
gpg: DBG: chan_3 <- S SOURCE [url]http://pgp.mit.edu:11371[/url]
<STUCK HERE>

$ cat ~/dirmngr_trace.log

<info about loaded certificates>
2017-06-11 20:50:14 dirmngr[17875.0] permanently loaded certificates: 165
2017-06-11 20:50:14 dirmngr[17875.0]     runtime cached certificates: 0
2017-06-11 20:50:14 dirmngr[17875.0]            trusted certificates: 165 (164,0,0,1)

$ cat ~/.gnupg/dirmngr.conf

log-file ~/dirmngr.log
honor-http-proxy
standard-resolver

$ cat ~/.gnupg/gpg.conf

no-greeting
no-permission-warning
lock-never
keyserver hkp://pgp.mit.edu:11371
keyserver-options timeout=10

I am connected through ntlm proxy, so there are correctly tuned cntlm and kerberos

Environment variables:

https_proxy=http://127.0.0.1:3128
http_proxy=http://127.0.0.1:3128
ftp_proxy=http://127.0.0.1:3128

I cannot reproduce old behaviour, but initial state was hanging on

$ sudo pacman-key --refresh 

and result of

$ gpg --recv-keys <KEY>

was something like "... No keyserver available"

/etc/resolv.conf seems to be ok.
/root/.gnupg/gpg.conf and /etc/pacman.d/gpg.conf are dublicates of gpg.conf in ~/.gnupg/. Same for dirmngr.conf.

Thank you in advance

Last edited by KarlKori (2017-06-11 18:51:11)

Offline

#2 2017-06-11 18:18:03

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: gpg --recv-keys hangs

Please use code tags when pasting to the boards: https://wiki.archlinux.org/index.php/Co … s_and_code


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#3 2017-06-11 18:51:27

KarlKori
Member
Registered: 2016-04-16
Posts: 16

Re: gpg --recv-keys hangs

jasonwryan wrote:

Please use code tags when pasting to the boards: https://wiki.archlinux.org/index.php/Co … s_and_code

Fixed

Offline

#4 2017-06-14 12:43:19

dikei
Member
Registered: 2010-12-08
Posts: 18

Re: gpg --recv-keys hangs

Try putting

keyserver-options http-proxy=http://127.0.0.1:3128

in gpg.conf

Offline

#5 2017-06-21 16:39:30

KarlKori
Member
Registered: 2016-04-16
Posts: 16

Re: gpg --recv-keys hangs

dikei wrote:

Try putting

keyserver-options http-proxy=http://127.0.0.1:3128

in gpg.conf

Nothing has changed, unfortunately.

Offline

#6 2017-11-14 19:25:24

domson
Member
From: Vienna
Registered: 2017-03-17
Posts: 2
Website

Re: gpg --recv-keys hangs

If you have iptables running, try temporarly:

sudo systemctl stop iptables

this solved the issue for me.
So I opened 11371 (HKP) and 53 (DNS) port,
and also accepted traffic with LO.
Yours,
domson

Last edited by domson (2017-11-15 10:38:32)

Offline

Board footer

Powered by FluxBB