1 |
On Tuesday, 7 April 2020 14:36:04 BST gevisz wrote: |
2 |
> I have a long standing "gpg can't check signature: No public key" |
3 |
> error while running # emerge-webrsync |
4 |
> It appears because the webrsync-gpg feature has been set in my |
5 |
> make.conf however I do not want to switch it off. |
6 |
> The app-crypt/gentoo-keys is installed, so it is not the reason for above |
7 |
> error. I have just tried to download gentoo pgp keys manually with the |
8 |
> command gpg --keyserver hkps://keys.gentoo.org --recv-keys |
9 |
> 13EBBDBEDE7A12775DFDB1BABB572E0E2D182910 |
10 |
> and got the following error message: |
11 |
> gpg: keyserver receive failed: No keyserver available |
12 |
> Can anybody explain me how to fix this? |
13 |
|
14 |
As a plain user I get this: |
15 |
|
16 |
$ gpg --keyserver hkps://keys.gentoo.org --recv-keys |
17 |
13EBBDBEDE7A12775DFDB1BABB572E0E2D182910 |
18 |
gpg: enabled debug flags: memstat |
19 |
gpg: data source: https://keys.gentoo.org:443 |
20 |
gpg: armor header: Version: SKS 1.1.6 |
21 |
gpg: armor header: Comment: Hostname: trogan.gentoo.org |
22 |
gpg: key BB572E0E2D182910: number of dropped non-self-signatures: 13 |
23 |
gpg: pub rsa4096/BB572E0E2D182910 2009-08-25 Gentoo Linux Release |
24 |
Engineering (Automated Weekly Release Key) <releng@g.o> |
25 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
26 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
27 |
signature superseded |
28 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
29 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
30 |
signature superseded |
31 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
32 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
33 |
signature superseded |
34 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
35 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
36 |
invalid signature |
37 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
38 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
39 |
signature superseded |
40 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
41 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
42 |
signature superseded |
43 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
44 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
45 |
signature superseded |
46 |
gpg: removing signature from key BB572E0E2D182910 on user ID "Gentoo Linux |
47 |
Release Engineering (Automated Weekly Release Key) <releng@g.o>": |
48 |
signature superseded |
49 |
gpg: key BB572E0E2D182910/2C44695DB9F6043D: removed multiple subkey binding |
50 |
gpg: using classic trust model |
51 |
gpg: key BB572E0E2D182910: public key "Gentoo Linux Release Engineering |
52 |
(Automated Weekly Release Key) <releng@g.o>" imported |
53 |
gpg: Total number processed: 1 |
54 |
gpg: imported: 1 |
55 |
gpg: keydb: handles=3 locks=2 parse=0 get=2 |
56 |
gpg: build=0 update=0 insert=1 delete=0 |
57 |
gpg: reset=1 found=2 not=2 cache=0 not=0 |
58 |
gpg: kid_not_found_cache: count=0 peak=0 flushes=0 |
59 |
gpg: sig_cache: total=42 cached=30 good=28 bad=2 |
60 |
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 |
61 |
outmix=0 getlvl1=0/0 getlvl2=0/0 |
62 |
gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0 |
63 |
gpg: secmem usage: 0/65536 bytes in 0 blocks |
64 |
|
65 |
|
66 |
If you can't connect then you may have some network configuration issue, or |
67 |
potentially the keyserver is busy at this moment. However, this would only be |
68 |
a temporary problem and you report you've been getting this regularly. |
69 |
|
70 |
Do you see if port 443 is open from where you are? |
71 |
|
72 |
$ nc -v -z keys.gentoo.org 443 |
73 |
DNS fwd/rev mismatch: keys.geodns-europe.gentoo.org != trogan.gentoo.org |
74 |
keys.geodns-europe.gentoo.org [89.238.71.4] 443 (https) open |
75 |
|
76 |
|
77 |
Alternatively, do you also have a problem using rsync? |
78 |
|
79 |
BTW, I use rsync and do not have 'app-crypt/gentoo-keys' installed. Instead I |
80 |
have 'app-crypt/openpgp-keys-gentoo-release' which is how Gentoo portage keys |
81 |
are propagated: |
82 |
|
83 |
https://wiki.gentoo.org/wiki/Project:Portage/Repository_Verification |