LDAP PGP Keyserver

David Shaw dshaw at jabberwocky.com
Thu Oct 4 14:36:28 CEST 2007


On Thu, Oct 04, 2007 at 10:37:23AM +0400, Proskurin Kirill wrote:

> We have an "ou=PGP Keys,dc=company,dc=org" full of PGP keys, which works.
> 
> PGP Desktop easily searches our LDAP keyserver and imports keys from there.
> What we need:
> 
> We need to add keys to a keyserver.
> When I try to "send to" any key to our keyserver via PGP Desktop, it
> returns an error:
> "Strong authentication required"
> We use ldaps... More strong? :-\
> 
> Then I tried to add it with gnupg via the console.
> % gpg --keyserver ldaps://pgp.company.org  --send-keys KEYID
> gpgkeys: this keyserver type only supports key retrieval

Ah, this is a problem.  What you are seeing when you request an LDAP
access is a message from the "generic" keyserver handler (using curl).
Are you built with LDAP support?  Recompile GPG with LDAP support, and
you should be in better shape.  You can tell if you have LDAP support
if there is a "gpgkeys_ldap" program.

Note, though, that if PGP can't send keys to the keyserver without
authentication, GPG probably won't be able to either - they use
essentially the same LDAP calls.  One problem at a time, however.
Let's get you talking LDAP at all before we debug the other problem.

David



More information about the Gnupg-users mailing list