?: keys.gnupg.net: Host not found

Sat Oct 10 15:35:29 CEST 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/10/2015 12:09 PM, Yuri Kanivetsky wrote:
> It is a pool. keys.gnupg.net <http://keys.gnupg.net/> is just an 
> alias for the SKS server pool[1], IIRC. I host a server in this
> pool and it is set to drop all IPv4 ICMP packets, so will not
> respond to a ping even though the server is online. It will respond
> to ICMPv6 pings however.
> 
> 
> 
> I am also NOT able to reproduce this error on XUbuntu 14.04 x64:
> 
> 
> Okay, let us do this the other way around. That's what I'm getting
> on host machine:

Just a thought, but have you tried one of the geographical pools
({eu,na,oc}.pool.sks-keyservers.net) instead of the general one? that
should result in better network response time and routing.

> ### 154.127.60.51 gpg: keyserver receive failed: No keyserver
> available

This works for me at least

> ### 176.9.100.87 gpg: keyserver receive failed: No data

This keyserver is wrongly configured, as it doesn't respond on all
traffic on port 11371 but filters it based on Host header (the server
operator is BCCed to this email), so it currently does work using the
pool.sks-keyserver.net but not keys.gnupg.net

> ### 178.33.187.175 gpg: keyserver receive failed: No keyserver
> available ### 206.176.170.195

This works for me as well

> is keys.gnupg.net <http://keys.gnupg.net/> pool an official source
> of keys? Can you recommend where to submit a key?
> 

There is no "official source", nor any requirement to publish keys on
a keyserver, either private nor public. It is often convenient to do
so, though (but the existence of a key on a keyserver is no indication
of validity of the key, so this will always have to be verified out of
band).

> 
> How was this 2.1 version built?
> 
> 
> `./configure && make && sudo make install` in the previous email,
> and `./configure CFLAGS='-g -O0' CXXFLAGS='-g -O0' && make && sudo
> make install` in this one.
> 
> AFAICS, it's the dirmngr who does the request. Can I reproduce it
> with dirmngr alone, not involving gpg binary?

$ dirmngr
...
OK Dirmngr 2.1.9 at your service
KEYSERVER --clear hkp://pool.sks-keyservers.net
OK
KS_GET 409B6B1796C275462A1703113804BB82D39DC0E3
...
BYE

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Vincit qui se vincit
He who conquers conquers self
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJWGRQdAAoJECULev7WN52FV9MH/1cGzU30oPeQ2hJpNsG7on3v
yv+wsxVNnvvkhU+QAs6v2FBPZgnVkJvsykffLT7iET7xx2kOo4bxsl8zEjDF/n62
3gusVmPP2x1qCt44eXGVoB0un06QBPhCgJGu8jcN8Emtjdn93MftXkgA5fhmtiGF
waTt3PdYmdyFMaMzikSU/sfMpU29j51FbcPyzi4LQK/mjRLb9Ft09QC/DiJfe+gg
+k8aZgUDcYtU49eifxOJHfpPCRUfDMY5bvK+ZvgbmS3Pra3Yej9vByR1NRLsqJwk
+jdPbIug/enHo7pKy2T6VhnKduO/jPo0eMVouMZ2yV7s23rWVKt8jT+sxxvC5qw=
=cxUx
-----END PGP SIGNATURE-----