Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error with gpg at ha.pool.sks-keyservers.net #39

Closed
longquan7 opened this issue Aug 28, 2017 · 8 comments
Closed

Error with gpg at ha.pool.sks-keyservers.net #39

longquan7 opened this issue Aug 28, 2017 · 8 comments

Comments

@longquan7
Copy link

Hi, I am trying to install this:

gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

its giving:

  • mktemp -d
  • export GNUPGHOME=/tmp/tmp.M9AXejR6yQ
  • gpg --keyserver ha.pool.sks-keyservers.net --recv-keys
    B42F6819007F00F88E364FD4036A9C25BF357DD4
    gpg: keybox '/tmp/tmp.M9AXejR6yQ/pubring.kbx' created
    gpg: keyserver receive failed: Connection timed out

problem with server ? when I was used "gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys
B42F6819007F00F88E364FD4036A9C25BF357DD4" have the same problem.

@tianon
Copy link
Owner

tianon commented Sep 5, 2017

Keyserver issues are unfortunately very common -- we've tried a number of different methods, and the only method that's reasonably successful at combating the issue on a large scale is trying multiple keyservers in a loop until one succeeds. Usually, just re-starting the failing build is enough to get it to work in our testing, but there may be firewalls, etc in place that force a keyserver switch (keyserver.ubuntu.com is a good one that supports port 80 and is commonly allowed).

@longquan7
Copy link
Author

@tianon OK,thanks,I will try it

@thasmo
Copy link

thasmo commented Nov 1, 2017

Experiencing the same, tho restarting doesn't help - it happens on every run since some days when using ha.pool.sks-keyservers.net, on multiple machines.

@thasmo
Copy link

thasmo commented Nov 1, 2017

Seems that using keyserver.ubuntu.com also fails. Not sure the keyservers are the actual problem.

@longquan7
Copy link
Author

longquan7 commented Nov 2, 2017

Thanks, I was take it . I found I was work with proxy,So I was used by this way to resolve. gpg --keyserver-options http-proxy="http://xxxx:xxxx@proxy:8080" --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

@camilo0365
Copy link

@longquan7 This is the way I solved it. Give it a try :)

for server in ha.pool.sks-keyservers.net \
              hkp://p80.pool.sks-keyservers.net:80 \
              keyserver.ubuntu.com \
              hkp://keyserver.ubuntu.com:80 \
              pgp.mit.edu; do
    gpg --keyserver "$server" --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && break || echo "Trying new server..."
done

@longquan7
Copy link
Author

@camilo0365 Because I was use proxy, So this is the way I sovled my problem :)

'gpg --keyserver-options http-proxy="http://XXXXXXX" 
		--keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D'

lunkwill42 added a commit to Uninett/nav that referenced this issue Feb 21, 2018
this hits us randomly when Jenkins needs to rebuild the image
@ptsiampas
Copy link

I solved it by u getting it from multiple servers.. Not ideal but it works

  key='B42F6819007F00F88E364FD4036A9C25BF357DD4'; \
  gpg  --yes --always-trust --keyserver pgp.mit.edu --recv-keys "$key" || \
  gpg  --yes --always-trust --keyserver keyserver.pgp.com --recv-keys "$key" || \
  gpg  --yes --always-trust --keyserver ha.pool.sks-keyservers.net --recv-keys "$key" ; \
  gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \

@tianon tianon closed this as completed in 4ab27b4 Oct 15, 2018
felliott added a commit to felliott/docker-library that referenced this issue Apr 2, 2019
 * gpg key verification occasionally fails due to network issues when
   attempting to fetch keys.  Combat this with two approaches:
   * Disable ipv6 testing in dirmngr.conf. [1]
   * Provide a fallback list of keyservers to pull from. [2]

 [1] usbarmory/usbarmory-debian-base_image#9 (comment)
 [2] tianon/gosu#39 (comment)
felliott added a commit to felliott/modular-file-renderer that referenced this issue Apr 2, 2019
 * gpg key verification occasionally fails due to network issues when
   attempting to fetch keys.  Combat this with two approaches:
   * Disable ipv6 testing in dirmngr.conf. [1]
   * Provide a fallback list of keyservers to pull from. [2]

 [1] usbarmory/usbarmory-debian-base_image#9 (comment)
 [2] tianon/gosu#39 (comment)
fujimotodaisuke pushed a commit to RCOSDP/RDM-modular-file-renderer that referenced this issue May 13, 2019
 * gpg key verification occasionally fails due to network issues when
   attempting to fetch keys.  Combat this with two approaches:
   * Disable ipv6 testing in dirmngr.conf. [1]
   * Provide a fallback list of keyservers to pull from. [2]

 [1] usbarmory/usbarmory-debian-base_image#9 (comment)
 [2] tianon/gosu#39 (comment)
akunzai added a commit to akunzai/containers-lab that referenced this issue Jul 27, 2023
- fix dependencies for debian 9 base image
- fix gpg key server issues tianon/gosu#39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants