What Linux kernel configuration options are required by GPG for --refresh-keys?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri May 15 16:36:40 CEST 2015
On Fri 2015-05-15 07:43:12 -0400, Werner Koch wrote:
> On Thu, 14 May 2015 04:41, dbdaniel42 at gmail.com said:
>
>> # gpg --homedir /etc/pacman.d/gnupg --refresh-keys
>> gpg: refreshing 80 keys from hkp://pool.sks-keyservers.net
>> gpg: keyserver refresh failed: Address family not supported by protocol
>
> DNS tells that there are v6 keyservers but your kernel seems to support
> only legacy IP. Change your resolver not to return AAAA records.
shouldn't dirmngr know enough to stop trying v6 addresses when v6 isn't
available?
> I won't consider this a bug but I suspect that we will have a bug the
> other way around (No legacy IP but DNS returned A records).
shouldn't dirmngr know enough to stop trying v4 addresses when v4 isn't
available?
These seem like parallel problems to me, but maybe i'm missing
something. Can you explain why the situations are different?
And just to clarify, which of the following best characterizes the bug
(or something else?):
0) dirmngr can't talk to keyservers on networks it does not have access
to.
1) dirmngr tries to access keyservers on networks it does not have
access to.
2) dirmngr reports errors when trying to access keyservers on networks
it does not have access to.
3) dirmngr fails to try other addresses on networks it does have access
to when some addresses fail.
--dkg
More information about the Gnupg-users
mailing list