You are not logged in.

Pages: 1

#1 2025-03-07 20:18:05

solonovamax
Member
Registered: 2020-05-04
Posts: 57
Website

gpg: keyserver receive failed: Server indicated a failure

I'm completely unsure what's causing this, however if I attempt to execute

gpg --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001

then I will get

gpg: keyserver receive failed: Server indicated a failure

this only occurs on my laptop. on my desktop, which has an identical config to my laptop, this does not occur. I have no clue why.
I've tried so many different things, and am honestly completely dumbfounded on why it's not working.

Here are some things I've tried/stuff about my environment, in no particular order:

gpg config
$ cat ~/.gnupg/gpg.conf
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
cert-digest-algo SHA512

(note: the same issue occurs with all of these removed. I have only added these to my config in an attempt to exactly mirror the config of my desktop)

using different protocols/keyservers
$ gpg --keyserver https://keyserver.ubuntu.com --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure
$ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure
$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure
$ gpg --keyserver https://pgp.mit.edu --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure
$ gpg --keyserver hkp://pgp.mit.edu --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure
$ gpg --keyserver $(dig +short keyserver.ubuntu.com | head -n1) --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: No keyserver available
max debug level logs
$ cat > ~/.gnupg/dirmngr.conf <<EOF
log-file /home/solonovamax/.gnupg/dirmngr.log
verbose
debug-level guru
EOF
$ pkill dirmngr
$ gpg --debug-level=guru --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: enabled compatibility flags:
gpg: DBG: [no clock] start
gpg: DBG: chan_3 <- # Home: /home/solonovamax/.gnupg
gpg: DBG: chan_3 <- # Config: /home/solonovamax/.gnupg/dirmngr.conf
gpg: DBG: chan_3 <- OK Dirmngr 2.4.7 at your service, process 12808
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.4.7
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KS_GET -- 0xB420FD3777CCE3A7F0076B55C85668DF69375001
gpg: DBG: chan_3 <- ERR 219 Server indicated a failure <Unspecified source>
gpg: keyserver receive failed: Server indicated a failure
gpg: DBG: chan_3 -> BYE
gpg: DBG: [no clock] stop
gpg: keydb: handles=0 locks=0 parse=0 get=0
gpg:        build=0 update=0 insert=0 delete=0
gpg:        reset=0 found=0 not=0 cache=0 not=0
gpg: kid_not_found_cache: count=0 peak=0 flushes=0
gpg: sig_cache: total=0 cached=0 good=0 bad=0
gpg: objcache: keys=0/0/0 chains=0,0..0 buckets=0/0 attic=0
gpg: objcache: uids=0/0/0 chains=0,0..0 buckets=0/0
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
gpg: secmem usage: 0/32768 bytes in 0 blocks
$ cat ~/.gnupg/dirmngr.log
2025-03-07 14:26:32 dirmngr[21123.0] permanently loaded certificates: 150
2025-03-07 14:26:32 dirmngr[21123.0]     runtime cached certificates: 0
2025-03-07 14:26:32 dirmngr[21123.0]            trusted certificates: 150 (150,0,0,0)
2025-03-07 14:26:32 dirmngr[21123.6] handler for fd 6 started
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 -> # Home: /home/solonovamax/.gnupg
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 -> # Config: /home/solonovamax/.gnupg/dirmngr.conf
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 -> OK Dirmngr 2.4.7 at your service, process 21123
2025-03-07 14:26:32 dirmngr[21123.6] connection from process 21122 (1000:1000)
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 <- GETINFO version
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 -> D 2.4.7
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 -> OK
2025-03-07 14:26:32 dirmngr[21123.6] DBG: chan_6 <- KS_GET -- 0xB420FD3777CCE3A7F0076B55C85668DF69375001
2025-03-07 14:26:42 dirmngr[21123.6] command 'KS_GET' failed: Server indicated a failure <Unspecified source>
2025-03-07 14:26:42 dirmngr[21123.6] DBG: chan_6 -> ERR 219 Server indicated a failure <Unspecified source>
2025-03-07 14:26:42 dirmngr[21123.6] DBG: chan_6 <- BYE
2025-03-07 14:26:42 dirmngr[21123.6] DBG: chan_6 -> OK closing connection
2025-03-07 14:26:42 dirmngr[21123.6] handler for fd 6 terminated
using the 1.1.1.1 dns

Changing /etc/resolv.conf from

# Generated by NetworkManager
search lan
nameserver 192.168.86.1

to

# Generated by NetworkManager
search lan
nameserver 1.1.1.1

Checking to make sure that it can resolve keyserver.ubuntu.com (note: the result is the same regardless of dns server used)

$ ping keyserver.ubuntu.com
PING keyserver.ubuntu.com (185.125.188.26) 56(84) bytes of data.

(note: keyserver.ubuntu.com does not respond to pings, but as shown it can resolve properly)

$ nslookup keyserver.ubuntu.com
Server:		192.168.86.1
Address:	192.168.86.1#53

Non-authoritative answer:
Name:	keyserver.ubuntu.com
Address: 185.125.188.27
Name:	keyserver.ubuntu.com
Address: 185.125.188.26
Name:	keyserver.ubuntu.com
Address: 2620:2d:4000:1007::70c
Name:	keyserver.ubuntu.com
Address: 2620:2d:4000:1007::d43
mtr
$ mtr --tcp --report -c 10 keyserver.ubuntu.com
Start: 2025-03-07T14:41:29-0500
HOST: solo-laptop                 Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 46dd6c48c6fc81fab0cb98d86  0.0%    10    2.2   5.9   2.2  26.3   7.3
  2.|-- 192.168.2.1                0.0%    10    2.7  24.4   2.7 107.2  41.4
  3.|-- 10.11.16.9                 0.0%    10   56.0  16.1   4.1  56.0  18.2
  4.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  5.|-- 10.115.51.122              0.0%    10  118.7  27.4   5.1 118.7  42.6
  6.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  7.|-- 64.230.38.186              0.0%    10    7.0   8.1   5.5  15.5   2.8
        64.230.38.188
        64.230.38.184
  8.|-- 64.230.26.133              0.0%    10  108.1  25.3   6.4 108.1  38.3
        64.230.33.141
        64.230.33.142
  9.|-- port-channel3.switch1.ymq 30.0%    10  4109. 3103.   7.4 5255. 1703.7
 10.|-- as6939.core1.nyc4.he.net   0.0%    10  3090. 637.0  12.7 3090. 990.7
 11.|-- port-channel20.core3.lon2 20.0%    10  4209. 1383.  83.4 4209. 1524.6
 12.|-- 100ge0-35.core1.lon6.he.n  0.0%    10  106.7  96.3  81.5 198.6  36.8
 13.|-- swp9.il3-core1.canonical.  0.0%    10  155.6 107.6  79.8 167.8  34.9
        swp9.il3-core2.canonical.com
 14.|-- keyserver.ubuntu.com       0.0%    10  120.2 122.9  79.4 245.2  66.2
using systemd-resolved's dns
$ sudo rm -rf /etc/resolv.conf
$ sudo ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
$ cat /etc/resolv.conf
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search lan
$ sudo systemd-resolve --flush-caches
$ gpg --keyserver https://keyserver.ubuntu.com --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: Server indicated a failure

at the same time, I had also done

$ sudo systemctl edit systemd-resolved

and added

[Service]
Environment=SYSTEMD_LOG_LEVEL=debug

and then watched the log with

$ sudo systemctl restart systemd-resolve
$ journalctl -u systemd-resolved -f

and see absolutely nothing in the logs.
however, if I instead do

$ sudo systemd-resolve --flush-caches
$ gpg --keyserver $(dig +short keyserver.ubuntu.com | head -n1) --recv-keys B420FD3777CCE3A7F0076B55C85668DF69375001
gpg: keyserver receive failed: No keyserver available

then the following shows up in the logs:

Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 61, ifindex=0, ttl=64, fragsize=0, sender=127.0.0.1, destination=127.0.0.53
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Got DNS stub UDP query packet for id 2486
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Looking up RR for keyserver.ubuntu.com IN A.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN A
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Firing regular transaction 28695 for <keyserver.ubuntu.com IN A> scope dns on */* (validate=yes).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 28695.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using DNS server 45.90.28.0#solo-laptop-a6b773.dns.nextdns.io for transaction 28695.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 1500, minimal MTU is 40
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Sending query packet with id 28695 of size 49.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN A
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Firing regular transaction 42433 for <keyserver.ubuntu.com IN A> scope dns on wlo1/* (validate=yes).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 42433.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using DNS server 192.168.86.1 for transaction 42433.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 0, minimal MTU is 40
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Sending query packet with id 42433 of size 49.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Processing query...
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 81, ifindex=3, ttl=0, fragsize=0, sender=192.168.86.1, destination=192.168.86.239
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 81 on transaction 42433 (rcode=SUCCESS).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 569s on wlo1/INET/192.168.86.1
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 569s on wlo1/INET/192.168.86.1
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Regular transaction 42433 for <keyserver.ubuntu.com IN A> on scope dns on wlo1/* now complete with <success> from network (unsigned; non-confidential).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Sending response packet with id 2486 on interface 1/AF_INET of size 81.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Freeing transaction 42433.
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 81, ifindex=3, ttl=0, fragsize=0, sender=45.90.28.0, destination=192.168.86.239
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 81 on transaction 28695 (rcode=SUCCESS).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 600s on wlo1/INET/45.90.28.0
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 600s on wlo1/INET/45.90.28.0
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Regular transaction 28695 for <keyserver.ubuntu.com IN A> on scope dns on */* now complete with <success> from network (unsigned; non-confidential).
Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Freeing transaction 28695.

so it seems like for some reason, it's not using my system dns??? and possibly it might just have a broken network configuration somehow??

if I add

standard-resolver

to ~/.gnupg/dirmngr.conf and then execute

$ sudo systemd-resolve --flush-caches
$ gpg --debug-level=guru --keyserver https://keyserver.ubuntu.com --recv B420FD3777CCE3A7F0076B55C85668DF69375001

I see

Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink: New incoming connection.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink: Connections of user 1000: 0 (of 576 max)
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Setting state idle-server
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Received message: {"method":"io.systemd.Resolve.ResolveHostname","parameters":{"name":"keyserver.ubuntu.com","flags":0}}
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state idle-server → processing-method
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: idn2_lookup_u8: keyserver.ubuntu.com → keyserver.ubuntu.com
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Looking up RR for keyserver.ubuntu.com IN A.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Looking up RR for keyserver.ubuntu.com IN AAAA.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN A
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Firing regular transaction 4613 for <keyserver.ubuntu.com IN A> scope dns on */* (validate=yes).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 4613.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using DNS server 45.90.28.0#solo-laptop-a6b773.dns.nextdns.io for transaction 4613.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 1500, minimal MTU is 40
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Sending query packet with id 4613 of size 49.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN AAAA
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Firing regular transaction 6170 for <keyserver.ubuntu.com IN AAAA> scope dns on */* (validate=yes).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 6170.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using DNS server 45.90.28.0#solo-laptop-a6b773.dns.nextdns.io for transaction 6170.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 1500, minimal MTU is 40
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Sending query packet with id 6170 of size 49.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN AAAA
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Firing regular transaction 54496 for <keyserver.ubuntu.com IN AAAA> scope dns on wlo1/* (validate=yes).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 54496.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using DNS server 192.168.86.1 for transaction 54496.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 0, minimal MTU is 40
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Sending query packet with id 54496 of size 49.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Cache miss for keyserver.ubuntu.com IN A
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Firing regular transaction 22399 for <keyserver.ubuntu.com IN A> scope dns on wlo1/* (validate=yes).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using feature level UDP+EDNS0 for transaction 22399.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Using DNS server 192.168.86.1 for transaction 22399.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Announcing packet size 1472 in egress EDNS(0) packet.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Emitting UDP, link MTU is 1500, socket MTU is 0, minimal MTU is 40
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Sending query packet with id 22399 of size 49.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state processing-method → pending-method
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 81, ifindex=3, ttl=0, fragsize=0, sender=192.168.86.1, destination=192.168.86.239
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 81 on transaction 22399 (rcode=SUCCESS).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 40s on wlo1/INET/192.168.86.1
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 40s on wlo1/INET/192.168.86.1
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Regular transaction 22399 for <keyserver.ubuntu.com IN A> on scope dns on wlo1/* now complete with <success> from network (unsigned; non-confidential).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 105, ifindex=3, ttl=0, fragsize=0, sender=192.168.86.1, destination=192.168.86.239
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 105 on transaction 54496 (rcode=SUCCESS).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN AAAA 567s on wlo1/INET/192.168.86.1
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN AAAA 567s on wlo1/INET/192.168.86.1
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Regular transaction 54496 for <keyserver.ubuntu.com IN AAAA> on scope dns on wlo1/* now complete with <success> from network (unsigned; non-confidential).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Freeing transaction 22399.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Sending message: {"parameters":{"addresses":[{"ifindex":3,"family":10,"address":[38,32,0,45,64,0,16,7,0,0,0,0,0,0,7,12]},{"ifindex":3,"family":10,"address":[38,32,0,45,64,0,16,7,0,0,0,0,0,0,13,67]},{"ifindex":3,"family":2,"address":[185,125,188,27]},{"ifindex":3,"family":2,"address":[185,125,188,26]}],"name":"keyserver.ubuntu.com","flags":8388609}}
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state pending-method → idle-server
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Freeing transaction 54496.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Got POLLHUP from socket.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state idle-server → pending-disconnect
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state pending-disconnect → processing-disconnect
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: varlink-28-28: Changing state processing-disconnect → disconnected
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 105, ifindex=3, ttl=0, fragsize=0, sender=45.90.28.0, destination=192.168.86.239
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 105 on transaction 6170 (rcode=SUCCESS).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN AAAA 293s on wlo1/INET/45.90.28.0
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN AAAA 293s on wlo1/INET/45.90.28.0
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Regular transaction 6170 for <keyserver.ubuntu.com IN AAAA> on scope dns on */* now complete with <success> from network (unsigned; non-confidential).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Freeing transaction 6170.
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Received dns UDP packet of size 81, ifindex=3, ttl=0, fragsize=0, sender=45.90.28.0, destination=192.168.86.239
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Processing incoming packet of size 81 on transaction 4613 (rcode=SUCCESS).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 600s on wlo1/INET/45.90.28.0
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Added positive unauthenticated non-confidential cache entry for keyserver.ubuntu.com IN A 600s on wlo1/INET/45.90.28.0
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Regular transaction 4613 for <keyserver.ubuntu.com IN A> on scope dns on */* now complete with <success> from network (unsigned; non-confidential).
Mar 07 15:09:28 solo-laptop systemd-resolved[12376]: Freeing transaction 4613.

in the systemd-resolved logs, however the gpg command hangs at

gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: enabled compatibility flags:
gpg: DBG: [no clock] start
gpg: DBG: chan_3 <- # Home: /home/solonovamax/.gnupg
gpg: DBG: chan_3 <- # Config: /home/solonovamax/.gnupg/dirmngr.conf
gpg: DBG: chan_3 <- OK Dirmngr 2.4.7 at your service, process 28929
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.4.7
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KEYSERVER --clear https://keyserver.ubuntu.com
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KS_GET -- B420FD3777CCE3A7F0076B55C85668DF69375001

forever (from what I can tell), and dirmngr needs to be killed with

pkill -9 dirmngr

or else it just won't exit.

if there's any more info that is needed, please let me know.

Thanks for your time,
solonovamax

https://solonovamax.gay

Offline

#2 Yesterday 07:31:31

-thc
Member
Registered: 2017-03-15
Posts: 796

Re: gpg: keyserver receive failed: Server indicated a failure

Burrowed in the systemd-resolved logs are hints that the DNS resolution is done via

Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using DNS server 45.90.28.0#solo-laptop-a6b773.dns.nextdns.io for transaction 28695.

and "nextdns.io" is advertising itself as "NextDNS - The new firewall for the modern Internet".

Is this configuration intended and the same for the other PCs on which gpg works?

Offline

#3 Today 03:44:41

solonovamax
Member
Registered: 2020-05-04
Posts: 57
Website

Re: gpg: keyserver receive failed: Server indicated a failure

-thc wrote:

Burrowed in the systemd-resolved logs are hints that the DNS resolution is done via

Mar 07 14:58:40 solo-laptop systemd-resolved[12376]: Using DNS server 45.90.28.0#solo-laptop-a6b773.dns.nextdns.io for transaction 28695.

and "nextdns.io" is advertising itself as "NextDNS - The new firewall for the modern Internet".

Is this configuration intended and the same for the other PCs on which gpg works?

I believe it is the case, however even if it isn't I don't think dns is the issue because

  • when using 1.1.1.1 as my dns, it still did not work

  • when contacting the ip address directly, it still did not work

  • I was able to resolve the ip address for the domain name

further, in my nextdns configuration, I have all firewall features disabled. they also offer web3 features as well (yuck), which I have also disabled. I just checked, and the only feature I have enabled is to "allow affiliate & tracking links", aka to not block those.

I can test later if changing it to instead use 1.1.1.1 would allow it through, however I doubt this will have any effect.

Last edited by solonovamax (Today 03:49:54)

Thanks for your time,
solonovamax

https://solonovamax.gay

Offline

#4 Today 08:27:49

-thc
Member
Registered: 2017-03-15
Posts: 796

Re: gpg: keyserver receive failed: Server indicated a failure

O.K.

Just a couple of things you can try:

- Temporarily remove your dirmgr.conf
- prepend a "0x" to the key number ("0xB420FD3777CCE3A7F0076B55C85668DF6937500")
- use the IP address "185.125.188.26" instead of "keyserver.ubuntu.com".

Offline

#5 Today 08:49:55

seth
Member
Registered: 2012-09-03
Posts: 61,543

Re: gpg: keyserver receive failed: Server indicated a failure

I would primarily test w/o nextdns altogether, primarily because of the fw.
And/also check netfilter/iptables …errr… tables.

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

Pages: 1

Board footer

Powered by FluxBB