无法在 arch linux 上使用 gpg 导入密钥

tag-icon tag-icon networking arch-linux gnupg debug gpg-agent
无法在 arch linux 上使用 gpg 导入密钥

我是 arch 4.9.8-1 系统。我想安装 linux-vfio 内核用于 gpu 直通并修复 IOMMU 组错误的问题。

尝试安装 linux-vfio 内核时,由于缺少密钥,出现以下错误。

$ yaourt -S linux-vfio
.
.
.
==> Verifying source file signatures with gpg...
    linux-4.9.tar ... FAILED (unknown public key 79BE3E4300411886)
    patch-4.9.8 ... FAILED (unknown public key 38DBBDC86092693E)

我一直尝试使用 gpg 导入密钥,现在我尝试了许多不同的方法,但我仍然收到相同的错误,我使用 pacman 安装了 gnupg 包。

$ gpg --recv-key 79BE3E4300411886
gpg: keyserver receive failed: Connection refused

$ gpg --keyserver pgp.mit.edu --recv-keys 79BE3E4300411886
gpg: keyserver receive failed: Connection refused

检查服务器是否可用

$ gpg-connect-agent --dirmngr
> keyserver --resolve hkp://pool.sks-keyservers.net
S # https://hkps.pool.sks-keyservers.net:443
OK
>

调试

$ gpg -vvv --debug-all --recv-keys --keyserver http://pgp.mit.edu 79BE3E4300411886
gpg: reading options from '/home/haroon/.gnupg/gpg.conf'
gpg: using character set 'utf-8'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_3 <- # Home: /home/haroon/.gnupg
gpg: DBG: chan_3 <- # Config: [none]
gpg: DBG: chan_3 <- OK Dirmngr 2.1.18 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.1.18
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KEYSERVER --clear http://pgp.mit.edu
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> KS_GET -- 0x79BE3E4300411886
gpg: DBG: chan_3 <- ERR 167772346 No keyserver available <Dirmngr>
gpg: keyserver receive failed: No keyserver available
gpg: DBG: chan_3 -> BYE
gpg: DBG: [not enabled in the source] stop
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: secmem usage: 0/32768 bytes in 0 blocks

有人知道如何解决这个问题吗?

答案1

您可以手动导入密钥。转到https://pgp.mit.edu/并使用以下字符串进行搜索:0x00411886,单击第一个链接,然后复制内容公钥服务器网页到您最喜欢的文本编辑器。将其另存为linux-vfio.asc

最后运行:gpg --import linux-vfio.asc导入密钥。

答案2

尝试设置

standard-resolver$HOME/.gnupg/dirmngr

https://dev.gnupg.org/T2889了解详情。

答案3

虽然您的调试没有表明这一点,但当我检查我的 dirmngr.conf 时,我发现 gpgconf 已启用“use-tor”。将其注释掉解决了我的问题。

答案4

错误可能是由于tcp端口11371受阻OUTPUT链中iptables

我使用这些设置~/.gnupg/dirmngr.conf

# https://gnupg.org/blog/20151224-gnupg-in-november-and-december.html
use-tor
keyserver hkp://jirk5u4osbsr34t5.onion

#keyserver hkps://hkps.pool.sks-keyservers.net

# https://sks-keyservers.net/overview-of-pools.php#pool_hkps
hkp-cacert /etc/ssl/sks-keyservers.netCA.pem

如果~/.gnupg/gpg.conf强化你的gpg设置和:

keyserver-options no-honor-keyserver-url

  • 这将禁用--keyserver

相关内容