Arch Linux

Gekume123

Member

Registered: 2020-09-19

Posts: 29

[SOLVED] AUR PGP - Keyserver receive failed: general error

Hi. I'm trying to download and install the linux-clear package from the AUR, with yay. Am on mobile so sorry for any typos.

Running yay -S linux-clear, it eventually gets to:
"PGP keys need importing"
and lists both keys.

I hit Y to continue, and it says ```gpg: keyserver receive failed: General error```.

Running gpg --recv-keys *key* also fails with the same error.

I tried specifying the Ubuntu keyserver with --keyserver https://keyserver.ubuntu.com and it returns

```gpg: no.valid OpenPGP data found.```.

HTTP instead of HTTPS still has the same error. So does specifying :80 as port.

Here's the contents of my resolv.conf: http://ix.io/2y4r.

If it matters I'm connected to WiFi with IWD, and it's set to use systemd for DNS.

Last edited by Gekume123 (2020-09-19 01:30:33)

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

What is the output of:

curl -vo /dev/null https://keyserver.ubuntu.com/

Gekume123

Member

Registered: 2020-09-19

Posts: 29

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

Here:

http://ix.io/2y4x

Last edited by Gekume123 (2020-09-19 00:50:08)

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

Please run both of the following commands:

killall dirmgr
gpg --keyserver https://keyserver.ubuntu.com --search-keys 647F28654894E3BD457199BE38DBBDC86092693E

Does the second still return the same error?

Gekume123

Member

Registered: 2020-09-19

Posts: 29

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

It displays key info I guess, and then asks to select a key, I hit 1 because only one was displayed, and then it says the same no OpenPGP data found.

http://ix.io/2y4C

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

gpg --keyserver hkps://keyserver.ubuntu.com --search-keys 647F28654894E3BD457199BE38DBBDC86092693E

Does the above work?

Gekume123

Member

Registered: 2020-09-19

Posts: 29

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

It took a lot longer to respond (like almost a whole minute after choosing the key) but it eventually finished with GPG total number processed: 1. Imported: 1

Thanks, so I guess the fix is to use hkps instead of https for my keyserver?

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

Yes.  The example from https://wiki.archlinux.org/index.php/Gn … ey_servers ss incorrect in its use of https.  You can change the default keyserver by adding a keyserver entry to ~/.gnupg/dirmngr.conf (file may not exist).

keyserver hkps://keyserver.ubuntu.com

Last edited by loqs (2020-09-19 01:20:53)

Gekume123

Member

Registered: 2020-09-19

Posts: 29

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

Awesome, thanks so much, it worked

GaKu999

Member

From: US/Eastern

Registered: 2020-06-21

Posts: 696

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

I must add that certain keys are bogus in that server...

$ gpg --keyserver hkps://keyserver.ubuntu.com --search-keys 0x6BC26A17B9B7018A
gpg: data source: https://162.213.33.9:443
(1)	Alad Wenter <alad@archlinux.org>
	  263 bit EDDSA key 0x6BC26A17B9B7018A, created: 2017-09-07
Keys 1-1 of 1 for "0x6BC26A17B9B7018A".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x6BC26A17B9B7018A: 9 duplicate signatures removed
gpg: key 0x6BC26A17B9B7018A: 6 bad signatures
gpg: key 0x6BC26A17B9B7018A: 9 signatures reordered
gpg: key 0x6BC26A17B9B7018A: no user ID for key signature packet of class 13
gpg: key 0x6BC26A17B9B7018A: no user ID for signature
gpg: Total number processed: 1

So you may have to fallback to 'hkp://pool.sks-keyservers.net' sometimes:

$ gpg --keyserver hkp://pool.sks-keyservers.net --receive-keys 0x6BC26A17B9B7018A
gpg: key 0x6BC26A17B9B7018A: 16 duplicate signatures removed
gpg: key 0x6BC26A17B9B7018A: 16 signatures reordered
gpg: key 0x6BC26A17B9B7018A: public key "Alad Wenter <alad@archlinux.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

And the hkps of that server is overloaded so it doesn't work if you ask.

Last edited by GaKu999 (2020-09-19 01:52:37)

---

My repos • Some snippets

Heisenberg might have been here.

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

hkps.pool.sks-keyservers.net is the overloaded hkps pool:

gpg --keyserver hkps://hkps.pool.sks-keyservers.net --search-keys 0x6BC26A17B9B7018A
gpg: error searching keyserver: General error
gpg: keyserver search failed: General error

The hkp pool is pool.sks-keyservers.net

gpg --keyserver hkp://pool.sks-keyservers.net --search-keys 0x6BC26A17B9B7018A
gpg: data source: http://4.35.226.103:11371
(1)	Alad Wenter <alad@mailbox.org>
	Alad Wenter <alad@archlinux.org>
	Alad Wenter <alad@archlinux.info>
	  256 bit EDDSA key 6BC26A17B9B7018A, created: 2017-09-07, expires: 2021-03-28
Keys 1-1 of 1 for "0x6BC26A17B9B7018A".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 6BC26A17B9B7018A: 16 duplicate signatures removed
gpg: key 6BC26A17B9B7018A: 16 signatures reordered
gpg: key 6BC26A17B9B7018A: public key "Alad Wenter <alad@archlinux.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

https://sks-keyservers.net/overview-of-pools.php

GaKu999

Member

From: US/Eastern

Registered: 2020-06-21

Posts: 696

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

I kind of fixed that quite late, sorry @loqs
Still the same one with hkp works, I'm assuming that a transparent redirection occurs.

Something can be done about the 'gpg: key 0x6BC26A17B9B7018A: no user ID' part?
Many servers seem to bogus that...

I searched man gpg but there's no option so I assume is a standard security measure that can't be disabled.

Still the keys are different so I'm guessing It's truly bogus...

I guess we have to do use what we have until the WKDs are ready.

Last edited by GaKu999 (2020-09-19 01:56:08)

---

My repos • Some snippets

Heisenberg might have been here.

loqs

Member

Registered: 2014-03-06

Posts: 18,859

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

I believe keys.openpgp.org will not provide user IDs for unverified records while keys.mailvelope.com/ will not server an unverified record.

Are you encountering the issue on other servers?

GaKu999

Member

From: US/Eastern

Registered: 2020-06-21

Posts: 696

Re: [SOLVED] AUR PGP - Keyserver receive failed: general error

That makes sense, I guess it's key dependent then, not every public key will be verified everywhere.

Test log with 647F28654894E3BD457199BE38DBBDC86092693E:

$ gpg --keyserver hkps://keys.mailvelope.com --search-keys 647F28654894E3BD457199BE38DBBDC86092693E
gpg: data source: https://keys.mailvelope.com:443
gpg: key "647F28654894E3BD457199BE38DBBDC86092693E" not found on keyserver
gpg: keyserver search failed: Not found
...
$ gpg --keyserver hkps://keys.openpgp.org --search-keys 647F28654894E3BD457199BE38DBBDC86092693E
gpg: data source: https://keys.openpgp.org:443
(1)	  4096 bit RSA key 0x38DBBDC86092693E, created: 2011-09-23
Keys 1-1 of 1 for "647F28654894E3BD457199BE38DBBDC86092693E".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x38DBBDC86092693E: no user ID
gpg: Total number processed: 1
...
$ gpg --keyserver hkp://pool.sks-keyservers.net --search-keys 647F28654894E3BD457199BE38DBBDC86092693E
gpg: data source: http://95.216.167.177:11371
(1)	Greg Kroah-Hartman <gregkh@kernel.org>
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kro
	  4096 bit RSA key 0x38DBBDC86092693E, created: 2011-09-23
Keys 1-1 of 1 for "647F28654894E3BD457199BE38DBBDC86092693E".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x38DBBDC86092693E: public key "Greg Kroah-Hartman <gregkh@linuxfoundation.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
...
$ gpg --keyserver hkps://keyserver.ubuntu.com --search-keys 647F28654894E3BD457199BE38DBBDC86092693E
gpg: data source: https://162.213.33.9:443
(1)	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Greg Kroah-Hartman <gregkh@kernel.org>
	Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kro
	  4096 bit RSA key 0x38DBBDC86092693E, created: 2011-09-23
Keys 1-1 of 1 for "647F28654894E3BD457199BE38DBBDC86092693E".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x38DBBDC86092693E: public key "Greg Kroah-Hartman <gregkh@linuxfoundation.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Test log with DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A:

$ gpg --keyserver hkps://keys.mailvelope.com --search-keys DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A
gpg: data source: https://keys.mailvelope.com:443
gpg: key "DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A" not found on keyserver
gpg: keyserver search failed: Not found
...
$ gpg --keyserver hkps://keys.openpgp.org --search-keys DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A
gpg: data source: https://keys.openpgp.org:443
(1)	  256 bit EDDSA key 0x6BC26A17B9B7018A, created: 2017-09-07
Keys 1-1 of 1 for "DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x6BC26A17B9B7018A: no user ID
gpg: Total number processed: 1
...
$ gpg --keyserver hkp://pool.sks-keyservers.net --search-keys DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A
gpg: data source: http://95.216.167.177:11371
(1)	Alad Wenter <alad@mailbox.org>
	Alad Wenter <alad@archlinux.org>
	Alad Wenter <alad@archlinux.info>
	  256 bit EDDSA key 0x6BC26A17B9B7018A, created: 2017-09-07, expires: 2021-03-28
Keys 1-1 of 1 for "DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x6BC26A17B9B7018A: 16 duplicate signatures removed
gpg: key 0x6BC26A17B9B7018A: 16 signatures reordered
gpg: key 0x6BC26A17B9B7018A: public key "Alad Wenter <alad@archlinux.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
...
$ gpg --keyserver hkps://keyserver.ubuntu.com --search-keys DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A
gpg: data source: https://162.213.33.9:443
(1)	Alad Wenter <alad@archlinux.org>
	  263 bit EDDSA key 0x6BC26A17B9B7018A, created: 2017-09-07
Keys 1-1 of 1 for "DBE7D3DD8C81D58D0A13D0E76BC26A17B9B7018A".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 0x6BC26A17B9B7018A: 9 duplicate signatures removed
gpg: key 0x6BC26A17B9B7018A: 6 bad signatures
gpg: key 0x6BC26A17B9B7018A: 9 signatures reordered
gpg: key 0x6BC26A17B9B7018A: no user ID for key signature packet of class 13
gpg: key 0x6BC26A17B9B7018A: no user ID for signature
gpg: Total number processed: 1

Haven't been capable of searching with 'keyring.debian.org', they seem to have not implemented search, 'pgp.mit.edu' is unreachable for me it seems, and the already known 'hkps.pool.sks-keyservers.net' is overloaded.

Still the weirdness with Alad's key in 'keyserver.ubuntu.com' is confusing...
256 != 263 and everything it's different, out of sync or damaged? Someone should tell him?

I guess more energy on this is unneedeed, since it's already reported on the bugtrackers and AFAIK there is an ongoing progress to fix the root of the issue with the WKD alternative.

Last edited by GaKu999 (2020-09-19 03:43:56)

---

My repos • Some snippets

Heisenberg might have been here.