On 2018-07-05, Grant Edwards <[email protected]> wrote:
> On 2018-07-05, Grant Edwards <[email protected]> wrote:
>> As of today, I seem to be unable to a an "emerge --sync".
>>
>> The process either hangs forever at the "Refreshing keys from keyserver step:
>
> [...]
>
>> Or, it fails because there are no public key to verify a manfest:
>
> For now, I've had to set add "sync-rsync-verify-metamanifest = no" to
> my repo conf file so that I can actually do updates, but that seems
> like a dangerous work-around.
After turning off sync-rsync-verify-metamanifest and doing a sync and
update (which included app-crypt/openpgp-keys-gentoo-release-20180703),
I had hoped that I would be able to turn it back on, but now I get this:
# emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
* Using keys from /usr/share/openpgp-keys/gentoo-release.asc
* Refreshing keys from keyserver ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error
The last four lines repeat forever with an increasingly longer period.
Firing up wireshark shows that for each of those failures, there's a
TLS 1.2 connection to port 443 at hkps.pool.sks-keyservers.net which
gets set up, negotiated, and then closed.
--
Grant Edwards grant.b.edwards Yow! Hello... IRON
at CURTAIN? Send over a
gmail.com SAUSAGE PIZZA! World War
III? No thanks!
