Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > linux.debian.security > #6493

Re: Keyserver for gpg.conf ?

Path csiph.com!news.samoylyk.net!gothmog.csi.it!bofh.it!news.nic.it!robomod
From debianmailinglists.hz5zm@simplelogin.com
Newsgroups linux.debian.security
Subject Re: Keyserver for gpg.conf ?
Date Tue, 18 Nov 2025 01:50:01 +0100
Message-ID <LSi4V-dL4J-9@gated-at.bofh.it> (permalink)
References <LRkVb-d7Jl-5@gated-at.bofh.it> <LS9O2-dFgx-9@gated-at.bofh.it> <LSbmN-dGn2-5@gated-at.bofh.it>
X-Original-To Francesco Poli <invernomuto@paranoici.org>,noloader@gmail.com
X-Mailbox-Line From debian-security-request@lists.debian.org Tue Nov 18 00:48:54 2025
Old-Return-Path <sl.lmysyibrgaytemrsgeytsnzmeazdanbqguzdqxi.qk3jxc24rtixs@simplelogin.com>
X-Amavis-Spam-Status No, score=-5.178 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FVGT_m_MULTI_ODD=0.02, HTML_MESSAGE=2, LDO_WHITELIST=-5, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001] autolearn=no autolearn_force=no
X-Policyd-Weight NOT_IN_SBL_XBL_SPAMHAUS=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .simplelogin. - helo: .mail-107163.simplelogin. - helo-domain: .simplelogin.) FROM/MX_MATCHES_HELO(DOMAIN)=-2; rate: -5.5
Arc-Seal i=1; a=rsa-sha256; d=simplelogin.co; s=arc-20230626; t=1763426909; cv=none; b=G26xmQTOJ4a4efdhEsPVnQ9oS3VbQq/EqNPHDSY9thQGe6feua8CEYArWICKNPsWcTQP+Z4jZyHYGUGGpGG+yAEj0J5PDFfHFWveVoGlG8jIZvUAWFkDvLAS6n1Md+4B+SkXiDCJ/W9Nz1Zd7UzCQyhESdhb958ed155PWVfTaUxkj3uJTgb9jCZXYf64n8zuexIytv45IWgc+/v2XEd4d/uYipXTGUXft54QuVVbIjsIVHfqeVc5Bbs5BxjbL/9B2PSAVlPSqim7Uw6AEFx2TFnN3JejIUIGpCTF/QptCShkfQ5C4HEslrdAOJZIa4deQxvr7lp2qXuIbnnzi+nJA==
Arc-Message-Signature i=1; a=rsa-sha256; d=simplelogin.co; s=arc-20230626; t=1763426909; c=relaxed/simple; bh=aYfEtL2vREUWWpPFo2i9c2kjBHPumoJNeViYYkmILQ8=; h=Date:Subject:In-Reply-To:From:To:Cc:References; b=ZkJfPiwYY9eCvUkWNf/sp1IWptvZTHiIXuwa3hzIlos1Fq7KWyIWm7X73za9F0213isGc/NCxeImvhtpjPgAxDX1RwKmu/MQ+zXdMfZpYS51utdgT0W2UL4T1f1oYu+CtHHc9uiI5E6kt2TTRKG1XnY13T9ZMUTHH2JgB702oOYTyrudHi76VxsJTnuoPAGlW54LKDQa21lr4bV1jn/V7EcNnKgFr3aF1tuKexv7dYdXfJITsmyRBoy8f2puQVdLQwBUa0X8g4vVlKX6QU9DsrPWlhZMtLjAqDV9+PiXRKgZGbKaSs2qolwbUU0lDzHtq3teCIRxBnKIJdRr/loISA==
Arc-Authentication-Results i=1; mail.protonmail.ch
MIME-Version 1.0
Content-Type multipart/alternative; boundary="b1=_zzvQZomnrQxrk0NQRhRYPhMgj8X1vT2vTu96cVW4o4"
Content-Transfer-Encoding 7bit
X-Simplelogin-Type Reply
X-Simplelogin-Emaillog-ID 1012221197
X-Simplelogin-Want-Signing yes
X-Mailing-List <debian-security@lists.debian.org> archive/latest/29697
List-ID <debian-security.lists.debian.org>
List-URL <https://lists.debian.org/debian-security/>
List-Archive https://lists.debian.org/msgid-search/176342690857.8.107207476931524591.1012221188@simplelogin.com
Approved robomod@news.nic.it
Lines 101
Organization linux.* mail to news gateway
Sender robomod@news.nic.it
X-Original-Cc debian-security@lists.debian.org
X-Original-Date Tue, 18 Nov 2025 00:48:18 +0000
X-Original-Message-ID <176342690857.8.107207476931524591.1012221188@simplelogin.com>
X-Original-References <20251115103427.4fc727b3c8f9d3cb2e2fd642@paranoici.org> <CAH8yC8nXaNU3Me0y9uRwRYEQ_anH7Gp6NLMhvWX0GHaLZbedWQ@mail.gmail.com> <20251117183205.04e0ba865f042cd6c8e3a929@paranoici.org>
Xref csiph.com linux.debian.security:6493

Show key headers only | View raw

[Multipart message — attachments visible in raw view] - view raw

Preface, I'm not a Debian developer.

You're not the only one, but after some tinkering I've discovered that there's a whole slew of "Hockeypuck" GPG/PGP servers that seem to work fine for me.

hkp://pgpkeys.eu
hkps://pgp.id

They all seem to intercommunicate reliably. I was able to issue a revocation for an old key to pgpkeys.eu and it populated across to pgp.id within minutes.

I posted on Mastodon about this and somebody sent me this link with a list of various compatible servers. I haven't tried them all, just thought I'd share.

https://spider.pgpkeys.eu/sks-peers

--

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Marcus Dean Adams

Signal: [gerowen.81](https://signal.me/#eu/qTai8gc2fArQDCaX07fIccbmOMvJWfC6FpTWXzT0aY0mKgITRIZPZJs7Vq0FfYv0)

Mastodon: [gerowen@mastodon.social](https://mastodon.social/@gerowen)

Website: https://marcusadams.me

"Civilization is the limitless multiplication
of unnecessary necessities."
-- Mark Twain

On Mon, 2025-11-17 at 18:32 +0100, Francesco Poli - invernomuto at paranoici.org wrote:

> On Mon, 17 Nov 2025 10:49:00 -0500 Jeffrey Walton wrote:
>
> [...]
>
>> Daniel Kahn Gillmor (dkg) recommends using a constrained keyserver
>> like keys.openpgp.org if you want to check for certificate updates,
>> revocation, expiration, or subkey rollover.
>
> Dear Jeffrey, thanks for following up.
>
> I've just tried to refresh 50 keys with:
>
> keyserver hkps://keys.openpgp.org
>
> in my ~/.gnupg/gpg.conf
>
> It only found 2 of them and exited with non-zero status, spitting out
> out the following error message:
>
> gpg: keyserver refresh failed: No data
>
> Am I the only one who's experiencing issues in refreshing OpenPGP keys
> with gnupg/2.4.8-4 on an up-to-date Debian testing box?
>
> Am I the only one left who still uses gnupg in Debian? Have you all
> switched to sequoia-chameleon-gnupg, perhaps?
>
> I am really puzzled... :-(

Back to linux.debian.security | Previous | NextPrevious in thread | Find similar

Thread

Keyserver for gpg.conf ? Francesco Poli <invernomuto@paranoici.org> - 2025-11-15 10:40 +0100
  Re: Keyserver for gpg.conf ? Gunnar Wolf <gwolf@debian.org> - 2025-11-15 19:10 +0100
    Re: Keyserver for gpg.conf ? Holger Levsen <holger@layer-acht.org> - 2025-11-15 21:50 +0100
      Re: Keyserver for gpg.conf ? debianmailinglists.hz5zm@simplelogin.com - 2025-11-16 04:10 +0100
        Re: Keyserver for gpg.conf ? Gunnar Wolf <gwolf@debian.org> - 2025-11-16 17:10 +0100
        Re: Keyserver for gpg.conf ? Jeremy Stanley <fungi@yuggoth.org> - 2025-11-17 16:30 +0100
          Re: Keyserver for gpg.conf ? Jeffrey Walton <noloader@gmail.com> - 2025-11-17 16:40 +0100
      Re: Keyserver for gpg.conf ? Gunnar Wolf <gwolf@debian.org> - 2025-11-16 17:10 +0100
    Re: Keyserver for gpg.conf ? Francesco Poli <invernomuto@paranoici.org> - 2025-11-16 13:40 +0100
      Re: Keyserver for gpg.conf ? Gunnar Wolf <gwolf@debian.org> - 2025-11-16 17:10 +0100
  Re: Keyserver for gpg.conf ? Jeffrey Walton <noloader@gmail.com> - 2025-11-17 17:00 +0100
    Re: Keyserver for gpg.conf ? Francesco Poli <invernomuto@paranoici.org> - 2025-11-17 18:40 +0100
      Re: Keyserver for gpg.conf ? Jeremy Stanley <fungi@yuggoth.org> - 2025-11-17 18:50 +0100
      Re: Keyserver for gpg.conf ? debianmailinglists.hz5zm@simplelogin.com - 2025-11-18 01:50 +0100

csiph-web