Package: gnupg2 Version: 2.1.10-3 Severity: important Dear Maintainer,
Sometime recently gpg2.1 stopped handling HKPS keyservers. dirmngr can still do it if I ask directly, but gpg2.1 won't. All of the debug info I can think of is below. Relevant ~/.gnupg/gpg.conf lines: keyserver hkps://hkps.pool.sks-keyservers.net keyserver-options auto-key-retrieve no-honor-keyserver-url include-revoked Relevant ~/.gnupg/dirmngr.conf lines: hkp-cacert /usr/local/share/ca-certificates/sks-keyservers.netCA.pem When I try through gpg (first without debug for clarity) I get: $ gpg --search-key 58E11BB1E414D9AD gpg: error searching keyserver: General error gpg: keyserver search failed: General error When I try with dirmngr it works: $ dirmngr dirmngr[21392.0]: error opening '/home/phil/.gnupg/dirmngr_ldapservers.conf': No such file or directory dirmngr[21392.0]: permanently loaded certificates: 0 dirmngr[21392.0]: runtime cached certificates: 0 # Home: ~/.gnupg # Config: /home/phil/.gnupg/dirmngr.conf OK Dirmngr 2.1.10 at your service KEYSERVER --clear hkps://hkps.pool.sks-keyservers.net OK KS_SEARCH 58E11BB1E414D9AD dirmngr[21392.0]: resolve_dns_addr for 'hkps.pool.sks-keyservers.net': 'pgpkeys.co.uk' dirmngr[21392.0]: resolve_dns_addr for 'hkps.pool.sks-keyservers.net': 'ams3.sks.heypete.com' ... S PROGRESS tick ? 0 0 S SOURCE https://prod00.keyserver.dca.witopia.net:443 D info:1:1%0Apub:<---removed to keep email addresses away from scrapers---> Trying it with debug from gpg: $ gpg -vvv --debug-level 10 --search-key 58E11BB1E414D9AD gpg: using character set 'utf-8' gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust cardio ipc clock lookup extprog gpg: DBG: [not enabled in the source] start gpg: DBG: chan_3 <- # Home: /home/phil/.gnupg gpg: DBG: chan_3 <- # Config: /home/phil/.gnupg/dirmngr.conf gpg: DBG: chan_3 <- OK Dirmngr 2.1.8 at your service gpg: DBG: chan_4 <- # Home: /home/phil/.gnupg gpg: DBG: chan_4 <- # Config: /home/phil/.gnupg/dirmngr.conf gpg: DBG: chan_4 <- OK Dirmngr 2.1.8 at your service gpg: DBG: connection to the dirmngr established gpg: DBG: chan_4 -> KEYSERVER --clear hkps://hkps.pool.sks-keyservers.net gpg: DBG: chan_4 <- OK gpg: DBG: chan_4 -> KS_SEARCH -- 58E11BB1E414D9AD gpg: DBG: chan_4 <- ERR 1 General error <Unspecified source> gpg: error searching keyserver: General error gpg: keyserver search failed: General error gpg: DBG: chan_4 -> BYE gpg: DBG: [not enabled in the source] stop gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 gpg: secmem usage: 0/65536 bytes in 0 blocks And to be clear: $ gpg --version | head -1 gpg (GnuPG) 2.1.10 Thanks. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages gnupg2 depends on: ii dpkg 1.18.4 ii gnupg-agent 2.1.10-3 ii install-info 6.0.0.dfsg.1-4 ii libassuan0 2.4.2-2 ii libbz2-1.0 1.0.6-8 ii libc6 2.21-6 ii libgcrypt20 1.6.4-4 ii libgpg-error0 1.21-1 ii libksba8 1.3.3-1 ii libreadline6 6.3-8+b4 ii libsqlite3-0 3.10.1-1 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages gnupg2 recommends: ii dirmngr 2.1.10-3 Versions of packages gnupg2 suggests: pn gnupg-doc <none> pn parcimonie <none> pn xloadimage <none> -- no debconf information