You are not logged in.

#1 2017-01-27 14:43:26

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

[SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Hello,

I know there are several posts on this topic but mine seems different. I am getting

gpg: error searching keyserver: Connection refused
gpg: keyserver search failed: Connection refused

the first time I try and

gpg: no keyserver known (use option --keyserver)
gpg: keyserver search failed: No keyserver available

the second time.

This is true for 2.1.17-4 2.1.18-1 reverting to 2.1.16-2 works. Here is the debug log for 2.1.18

2017-01-27 06:01:06 dirmngr[6170] listening on socket '/run/user/1000/gnupg/S.dirmngr'
2017-01-27 06:01:06 dirmngr[6171.0] permanently loaded certificates: 0
2017-01-27 06:01:06 dirmngr[6171.0]     runtime cached certificates: 0
2017-01-27 06:01:12 dirmngr[6171.6] handler for fd 6 started
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> # Home: /home/denny/.gnupg
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> # Config: /home/denny/.gnupg/dirmngr.conf
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> OK Dirmngr 2.1.18 at your service
2017-01-27 06:01:12 dirmngr[6171.6] connection from process 6173 (1000:1000)
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 <- GETINFO version
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> D 2.1.18
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> OK
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 <- KS_SEARCH -- walkingrobot@gmail.com
2017-01-27 06:01:12 dirmngr[6171.6] DBG: dns: libdns initialized
2017-01-27 06:01:12 dirmngr[6171.6] DBG: dns: getsrv(_pgpkey-http._tcp.pgp.mit.edu): Connection refused
2017-01-27 06:01:12 dirmngr[6171.6] command 'KS_SEARCH' failed: Connection refused
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> ERR 167804953 Connection refused <Dirmngr>
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 <- BYE
2017-01-27 06:01:12 dirmngr[6171.6] DBG: chan_6 -> OK closing connection
2017-01-27 06:01:12 dirmngr[6171.6] handler for fd 6 terminated
2017-01-27 06:01:48 dirmngr[6171.6] handler for fd 6 started
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> # Home: /home/denny/.gnupg
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> # Config: /home/denny/.gnupg/dirmngr.conf
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> OK Dirmngr 2.1.18 at your service
2017-01-27 06:01:48 dirmngr[6171.6] connection from process 6176 (1000:1000)
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 <- GETINFO version
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> D 2.1.18
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> OK
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 <- KS_SEARCH -- walkingrobot@gmail.com
2017-01-27 06:01:48 dirmngr[6171.6] DBG: http.c:connect_server: trying name='pgp.mit.edu' port=11371
2017-01-27 06:01:48 dirmngr[6171.6] DBG: dns: resolve_dns_name(pgp.mit.edu): Connection refused
2017-01-27 06:01:48 dirmngr[6171.6] resolving 'pgp.mit.edu' failed: Connection refused
2017-01-27 06:01:48 dirmngr[6171.6] can't connect to 'pgp.mit.edu': host not found
2017-01-27 06:01:48 dirmngr[6171.6] error connecting to 'http://pgp.mit.edu:11371': Unknown host
2017-01-27 06:01:48 dirmngr[6171.6] marking host 'pgp.mit.edu' as dead
2017-01-27 06:01:48 dirmngr[6171.6] host 'pgp.mit.edu' marked as dead
2017-01-27 06:01:48 dirmngr[6171.6] command 'KS_SEARCH' failed: No keyserver available
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> ERR 167772346 No keyserver available <Dirmngr>
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 <- BYE
2017-01-27 06:01:48 dirmngr[6171.6] DBG: chan_6 -> OK closing connection
2017-01-27 06:01:48 dirmngr[6171.6] handler for fd 6 terminated
2017-01-27 06:06:09 dirmngr[6171.0] SIGINT received - immediate shutdown
2017-01-27 06:06:09 dirmngr[6171.0] dirmngr (GnuPG) 2.1.18 stopped

and the console:

 gpg -vvv --debug-al --search-keys walkingrobot@gmail.com
gpg: reading options from '/home/denny/.gnupg/gpg.conf'
gpg: using character set 'iso-8859-1'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_3 <- # Home: /home/denny/.gnupg
gpg: DBG: chan_3 <- # Config: /home/denny/.gnupg/dirmngr.conf
gpg: DBG: chan_3 <- OK Dirmngr 2.1.18 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.1.18
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KS_SEARCH -- walkingrobot@gmail.com
gpg: DBG: chan_3 <- ERR 167804953 Connection refused <Dirmngr>
gpg: error searching keyserver: Connection refused
gpg: keyserver search failed: Connection refused
gpg: DBG: chan_3 -> BYE
gpg: DBG: [not enabled in the source] stop
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: secmem usage: 0/32768 bytes in 0 blocks

Thanks for the help.
Dennis

Last edited by walkingrobot (2017-03-18 07:14:40)

Offline

#2 2017-01-27 14:46:46

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,463

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Stock nsswitch.conf?

Offline

#3 2017-01-27 15:21:59

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Scimmia wrote:

Stock nsswitch.conf?

Yes it is.

Offline

#4 2017-01-27 16:45:53

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,463

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

It should work, then. 2.1.17 had some issues, but everything is supposed to be fixed with 2.1.18 and the current nsswitch.conf

Last edited by Scimmia (2017-01-27 19:17:41)

Offline

#5 2017-02-01 16:57:14

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,463

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Post your nsswitch.conf, let's make sure.

Offline

#6 2017-02-02 10:12:50

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Scimmia wrote:

Post your nsswitch.conf, let's make sure.

# Begin /etc/nsswitch.conf

passwd: compat mymachines systemd
group: compat mymachines systemd
shadow: compat

publickey: files

hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
networks: files

protocols: files
services: files
ethers: files
rpc: files

netgroup: files

# End /etc/nsswitch.conf

I have Arch running is a VBox that works. I am trying to find the difference.

Offline

#7 2017-02-02 23:11:44

dummys
Member
Registered: 2015-12-29
Posts: 9

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Same problem here, downgrading to 2.1.16-2 solved the problem, it seems that 2.1.18 is still broken...

EDIT:
Thanks to gbs:
With 2.1.18, working after running this: sudo pkill dirmngr; dirmngr --debug-all --daemon --standard-resolver
and to make it permanent: echo "standard-resolver" >> $HOME/.gnupg/dirmngr.conf

Last edited by dummys (2017-02-02 23:48:11)

Offline

#8 2017-02-03 03:15:12

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

dummys wrote:

Same problem here, downgrading to 2.1.16-2 solved the problem, it seems that 2.1.18 is still broken...

EDIT:
Thanks to gbs:
With 2.1.18, working after running this: sudo pkill dirmngr; dirmngr --debug-all --daemon --standard-resolver
and to make it permanent: echo "standard-resolver" >> $HOME/.gnupg/dirmngr.conf

Yep that works for me too.

Thanks for all the help. I'm closing this record.

@scimmia should I open a bug report on this. I ask because I see you were involved with FS#52234

UPDATE:
I have requested FS#52234 ne reopened.

Last edited by walkingrobot (2017-02-06 18:49:34)

Offline

#9 2017-02-06 02:30:16

ThePooN
Member
Registered: 2016-11-27
Posts: 6

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Had the same problem on my laptop (but surprisingly not on my desktop). The above solution worked.

Offline

#10 2017-02-24 12:27:40

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Open FS#53070

Offline

#11 2017-03-18 07:17:44

walkingrobot
Member
Registered: 2015-03-26
Posts: 15

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

My resolv.conf had 127.0.0.1 in it which is not correct for systemd-resolved. I removerd it and it works without standard-resolver

Offline

#12 2017-03-27 13:08:36

Torro
Member
Registered: 2017-03-27
Posts: 1

Re: [SOLVED] gnupg 2.1.18-1 cannot connect to keyserver

Just FYI for anyone reading: If your resolver refuses to answer queries on dirmngr initialization, gpg will return

gpg: error searching keyserver: Connection refused.
gpg: keyserver search failed: Connection refused

on retry (even after setting a proper resolver, and even when you specify a '--keyserver') gpg will return:

gpg: no keyserver known (use option --keyserver)
gpg: keyserver search failed: No keyserver available

Make sure your resolver resolves and restart your dirmngr.

Offline

Board footer

Powered by FluxBB