What Linux kernel configuration options are required by GPG for --refresh-keys?
Daniel Bomar
dbdaniel42 at gmail.com
Fri May 15 16:20:01 CEST 2015
I verified this to be the case in Wireshark. It's sending both A and
AAAA queries for hostname vod.ohai.su (not sure how it got that from
pool.sks-keyservers.net but whatever probably not relevant.) However
it's only GPG that seems to do this. If I ping either of those
hostnames it sends only an A query. Same for my web browser and all
other traffic I observed. It's only GPG that's trying to do these
AAAA DNS queries.
How do I change my resolver as you suggested? I don't have any kind
of special setup. I'm just using Google's public DNS (8.8.8.8 and
8.8.4.4) set in /etc/resolv.conf along with a static IP.
On Fri, May 15, 2015 at 6:43 AM, Werner Koch <wk at gnupg.org> wrote:
> On Thu, 14 May 2015 04:41, dbdaniel42 at gmail.com said:
>
>> # gpg --homedir /etc/pacman.d/gnupg --refresh-keys
>> gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net
>> gpg: keyserver refresh failed: Address family not supported by protocol
>
> DNS tells that there are v6 keyservers but your kernel seems to support
> only legacy IP. Change your resolver not to return AAAA records.
>
> I won't consider this a bug but I suspect that we will have a bug the
> other way around (No legacy IP but DNS returned A records).
>
>
> Shalom-Salam,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
More information about the Gnupg-users
mailing list