Trying to figure out what's going on with a key update failure...

Stephan Beck stebe at mailbox.org
Fri Nov 25 11:02:00 CET 2016


Hi Anthony,

Stephan Beck:
> 
> 
> Anthony Papillion:
>> Hello Everyone,
>>
>> When I run
>>
>> gpg2 --keyserver <my-keyserver> --refresh-keys

>>
>> Can someone tell me what this error means and how can I fix it?
> 
> Which gpg2 version are you running? 2.0x or 2.1x? 

sorry for the delay in getting back to you on-list.
[Could you please send me the error output you get when decrypting the
encrypted message I sent you yesterday, telling you that I had problems
in checking keyserver's connection as well, it's just that I'm eager to
know and I want to exclude key compromise].


In order to get the details of the communication of keyserver helper
programs with the keyserver you should use the --use-temp-files and
--keep-temp-files --keyserver options.

For example, I tried (a hundred times, with variations) to refresh your
key attempting to log keyserver<->helpers communication to check it
myself before giving advice

gpg2 --keyserver hkps://hkps.pool.sks-keyservers.net --refresh-keys
4F765425380A9BBA5F0E0892CC9D1E072AC97369 --no-emit-version
--display-charset utf-8 --keyserver-options
ca-cert-file=~/sks-keyservers.netCA.pem,use-temp-files=/tmp/tempfile.txt,keep-temp-files,verbose
--debug-level 2

But tempin.txt tempout.txt are nowhere.
I made a search in the gnupg's pipermail list archive and I consistently
found surely authoritative indication of David Shaw
that adding
--debug 1024 --keyserver-options "use-temp-files keep-temp-files"

do result in tempin.txt tempout.txt being logged somewhere.

I successfully generated those files in the past when checking
communication with keyservers, but I haven't wrote it down and I can't
integrate David Shaw's instructions into the above mentioned
command-line I used.
I'm giving up on this now, eager to hear once for all times HOW to
successfully create them.

Cheers

Stephan



More information about the Gnupg-users mailing list