GPG Keychain: No keyserver available

Tomas's Avatar

Tomas

06 May, 2020 08:05 AM

free SKS keyserver http://192.168.12.51:11371

We use free SKS keyserver.
Details:
Search keys failed! (No keyserver available)
Code = 186
Error text:
gpg: error searching keyserver: No keyserver available
gpg: keyserver search failed: No keyserver available

Tried setting both http and hkp://192.168.12.51:11371

Expected
To search, download, upgrade public keys from private SKS keyserver.
Windows OS machines with Thunderbird+Enigmail works with this keyserver just fine.
In MacOS GPG keychain keeps saying no keyserver available.

Additional info
I can connect to keyserver via browser and search for keys without problems.

macOS                   10.15.4     19E287
GPG Suite               2019.1      2539    (f7527f7dd4)
GPG Mail    -
GPG Keychain            1.5         1577    (6daf90a76b)
GPG Services            1.12        1096    (17b325bb15)
MacGPG                  2.2.17      938     (cb13729b0b)
GPG Suite Preferences   2.2         1115    (f813be50a8)
Libmacgpg               1.0         920     (b50a3b4b50)
pinentry                1.1.0.1     14      (c191c4128d)
  1. 1 Posted by Tomas on 06 May, 2020 10:56 AM

    Tomas's Avatar

    --search-keys covered with stars

    $ gpg --keyserver 192.168.12.51 --search-keys *** gpg: error searching keyserver: No keyserver available
    gpg: keyserver search failed: No keyserver available

    $ gpg --keyserver 192.168.12.51:11371 --search-keys *** gpg: error searching keyserver: No keyserver available
    gpg: keyserver search failed: No keyserver available

    $ gpg --keyserver hkp://192.168.12.51:11371 --search-keys *** gpg: error searching keyserver: No keyserver available
    gpg: keyserver search failed: No keyserver available

    $ gpg --keyserver http://192.168.12.51:11371 --search-keys *** gpg: error searching keyserver: No keyserver available
    gpg: keyserver search failed: No keyserver available

    $ nc -vz 192.168.12.51 11371 Connection to 192.168.12.51 port 11371 [tcp/hkp] succeeded!

  2. Support Staff 2 Posted by Steve on 11 May, 2020 01:46 PM

    Steve's Avatar

    Hi Tomas,

    unfortunately there are a variety of reasons why a key search can fail.

    Is there any chance that you are using Little Snitch or any other firewall on your Mac? If so, please temporarily disable that software and repeat your search.

    Can you please execute the following command in Terminal (easy to find via Spotlight) and send the output:

     gpg2 --verbose --keyserver hkps://keys.openpgp.org --recv-keys 0x0A292B5F8A3C247F586F19D7E1AF518CC4B1DC35
    

    In addition a debug log of dirmngr - the service responsible for key server requests - would be helpful.
    The following steps explain how to create such log:

    echo "debug-level guru" >> ~/.gnupg/dirmngr.conf
    echo "debug-all" >> ~/.gnupg/dirmngr.conf
    echo "log-file /tmp/dirmngr.log" >> ~/.gnupg/dirmngr.conf
    killall dirmngr
    gpg2 --verbose --keyserver hkps://keys.openpgp.org --recv-keys 0x0A292B5F8A3C247F586F19D7E1AF518CC4B1DC35
    

    After running these commands, please send us the /tmp/dirmngr.log file

    1. open finder and press ⇧⌘G
    2. paste /tmp/dirmngr.log
    3. attach the dirmngr.log file to this discussion

    Once you are done, it's best to remove the debugging option:

    1. open finder and press ⇧⌘G
    2. paste ~/.gnupg/dirmngr.conf
    3. open that file with TextEdit
    4. remove the following lines
      • debug-level guru
      • debug-all
      • log-file /tmp/dirmngr.log

    Now open Terminal.app again and execute the following commands:

    rm /tmp/dirmngr.log killall dirmngr

    Best,
    Steve

  3. 3 Posted by Tomas on 12 May, 2020 02:32 PM

    Tomas's Avatar

    Hi.
    Thanks for your response.
    I followed your steps and I believe found the coolprit - it tries to resolve IP address.
    It works just fine after giving it dns name in /etc/hosts

    dirmngr[1993.6] DBG: dns: resolve_dns_name(192.168.12.51): Success
    dirmngr[1993.6] DBG: dns: resolve_dns_addr(): No name
    dirmngr[1993.6] resolve_dns_addr failed while checking '192.168.12.51': No name
    dirmngr[1993.6] DBG: dns: resolve_dns_name(192.168.12.51): Success
    dirmngr[1993.6] DBG: dns: resolve_dns_addr(): No name
    dirmngr[1993.6] number of system provided CAs: 180
    dirmngr[1993.6] DBG: Using TLS library: GNUTLS 3.6.6
    dirmngr[1993.6] DBG: http.c:connect_server: trying name='192.168.12.51' port=11371
    dirmngr[1993.6] DBG: dns: resolve_dns_name(192.168.12.51): Success
    dirmngr[1993.6] can't connect to '192.168.12.51': no IP address for host
    dirmngr[1993.6] error connecting to 'http://192.168.12.51:11371': Unknown host
    dirmngr[1993.6] marking host '192.168.12.51' as dead
    dirmngr[1993.6] DBG: dns: resolve_dns_name(192.168.12.51): Success
    dirmngr[1993.6] DBG: dns: resolve_dns_addr(): No name
    dirmngr[1993.6] host '192.168.12.51' marked as dead
    dirmngr[1993.6] command 'KS_SEARCH' failed: No keyserver available
    dirmngr[1993.6] DBG: chan_6 -> ERR 167772346 No keyserver available

  4. Support Staff 4 Posted by Steve on 13 May, 2020 07:50 PM

    Steve's Avatar

    Glad this is solved for you. I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.

    Best,
    Steve

  5. Steve closed this discussion on 13 May, 2020 07:50 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac