Login/Register
`gpg: keyserver send failed: No keyserver available` when sending to hkp://pool.sks-keyservers.net
Asked Answered
gpg-signaturekeyserver
D

5

11

I'm using the below command

gpg --keyserver hkp://pool.sks-keyservers.net --send-keys <MY-8-DIGIT-SIGNATURE>

as per guided by this article https://getstream.io/blog/publishing-libraries-to-mavencentral-2021/

However, when I try it, it reports

gpg: sending key <MY-16-DIGIT-SIGNATURE> to hkp://pool.sks-keyservers.net
gpg: keyserver send failed: No keyserver available
gpg: keyserver send failed: No keyserver available

What's wrong with my command above?

Update findings
This works on macOS Catalina, Intel Core i7 machine. But it doesn't work on macOS Big Sur, M1 ARM64 machine.

Not sure if it is Big Sur or M1 ARM64 machine issue?

Dorcas answered 25/4, 2021 at 8:1 Comment(2)
I have also raised a question to GPG support gpgtools.tenderapp.com/discussions/feedback/…Dorcas
I have BigSur and an i9 intel processor with the same issueLandlubber
D
13

Found a workaround to the issue.

First I kill the dirmngr using command

gpgconf --kill dirmngr

Then, I start dirmngr with --standard-resolver

dirmngr --debug-all --daemon --standard-resolver

Finally, on another terminal, I run

gpg --verbose --keyserver hkp://pool.sks-keyservers.net --recv-keys 0x0A292B5F8A3C247F586F19D7E1AF518CC4B1DC35

And this gives me the result of

gpg: key E1AF518CC4B1DC35: "Kristof (GPGTools) <[email blocked]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Not sure why I need the --standard-resolver, but it works for my case.

UPDATE

Found a better way to have the standard-resolver by default for dirmngr. This is just by adding standard-resolver to ~/.gnupg/dirmngr.conf file.

Dorcas answered 26/4, 2021 at 1:40 Comment(0)
B
12

https://sks-keyservers.net/ "This service is deprecated. This means it is no longer maintained, and new HKPS certificates will not be issued. Service reliability should not be expected.

Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all."

Update 2021-06-21: You can use an alternative server such as:

  • keyserver.ubuntu.com
  • keys.openpgp.org
  • pgp.mit.edu

With somethin like this:

gpg --keyserver keys.openpgp.org --send-key [key id]

Biggerstaff answered 10/7, 2021 at 14:56 Comment(0)
C
3

i had a similar problem.it worked for me

apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 34893610CEAA9512

you can use script

#!/bin/bash

declare -a keyservers=(
    "hkp://keyserver.ubuntu.com:80"
    "keyserver.ubuntu.com"
    "ha.pool.sks-keyservers.net"
    "hkp://ha.pool.sks-keyservers.net:80"
    "p80.pool.sks-keyservers.net"
    "hkp://p80.pool.sks-keyservers.net:80"
    "pgp.mit.edu"
    "hkp://pgp.mit.edu:80"
)

keys=$(apt update 2>&1 | grep -o '[0-9A-Z]\{16\}$')

for key in $keys; do
    for server in "${keyservers[@]}"; do
        echo "Fetching GPG key ${key} from ${server}"
        gpg --keyserver $server --keyserver-options timeout=10 --recv-keys ${key}
        if [ $? -eq 0 ]; then
            echo "Key '${key}' successful added from server '${server}'"
            break
        else
            echo "Failed add key '${key}' from server '${server}'. Try another server"
            continue
        fi
    done
done
Comer answered 28/9, 2021 at 8:59 Comment(2)
Tried it without hkp:// and :80 at first, got the same error. Only worked with the full URL. Thanks!Presentation
Yes, there seems to be a difference between hkp://keyserver.ubuntu.com and hkp://keyserver.ubuntu.com:80. The latter worked for me.Wright
F
1

This worked for me to send my keys to the 3 keyservers supported by OSSRH Central Servers:

  • keyserver.ubuntu.com
  • keys.openpgp.org
  • pgp.mit.edu
Flushing answered 26/8, 2021 at 13:37 Comment(0)
S
0

I found out that i hadn't installed gnupg2. Using this command resolved the issue for me

sudo apt install gnupg2
Sequestrate answered 24/6, 2022 at 11:31 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.