dirmngr Windows DNS resolution of pools (Re: Problem refreshing keys)
Phil Pennock
gnupg-users at spodhuis.org
Fri Jun 15 23:45:21 CEST 2018
On 2018-06-14 at 06:24 -0400, Jerry wrote:
> gpg-connect-agent --dirmngr "GETINFO version" /bye
> gpg-connect-agent: no running Dirmngr - starting 'C:\Program Files (x86)\Gpg4win\..\GnuPG\bin\dirmngr.exe'
> gpg-connect-agent: waiting for the dirmngr to come up ... (5s)
> gpg-connect-agent: waiting for the dirmngr to come up ... (4s)
> gpg-connect-agent: connection to the dirmngr established
> D 2.2.7
> OK

Oh dear.  Sounds like there may be an issue with DNS resolution on
Windows and dealing with pool hostnames.

  gpg-connect-agent --dirmngr KILLDIRMNGR /bye
  gpg-connect-agent --dirmngr
  > KEYSERVER --hosttable
  > KEYSERVER hkps://hkps.pool.sks-keyservers.net
  > KS_GET 0x4D1E900E14C1CC04
  [warning: lots of output]
  > KEYSERVER --hosttable
  > /bye

There should be around five to nine IPs returned from the last
"KEYSERVER --hosttable"; if you only see one, could you also use
whatever tools are used for DNS resolution at the Windows command-prompt
and see what that tooling says?

I can't help any further; I don't use Windows and so just can't help
more (pragmatic backing out, not philosophical).

In the meantime, look through <https://sks-keyservers.net/status/> and
see if there are any you recognize as belonging to anyone you personally
trust; look for a green box in the hkps column; it's "highly likely"
(but not certain) that you can use https/hkps with just the hostname
shown in that table.

Configure a keyserver which works for you until such time as GnuPG's DNS
resolution on Windows manages to handle pools correctly.  Werner?

-Phil