[email protected] (Ludovic Courtès) writes: > [email protected] skribis: > >> On 2016-01-01 19:21, [email protected] wrote: >>> On 2015-12-30 22:16, [email protected] wrote: >>>> Which version of GnuPG is it, per “gpg2 --version”? >>> ~$ gpg2 --version >>> gpg (GnuPG) 2.1.10 >>> libgcrypt 1.6.3 >> >> I now tested with the 2.0 version and the result was that it only >> worked when specifying the keyserver (pgp.mit.edu) on the commandline. >> >> So to sum it up (i'm on an i686 platform): >> (with default config-files) >> gpg 2.1.10 - keyservers are not reachable at all >> gpg 2.0.29 - keyservers are only reachable when using --keyserver >> URL-to-keyserver on the commandline omplains about wrong keyserver URI >> when not specifying --keyserver URL-to-keyserver). > > I confirm that 2.1 behaves differently: > > $ $(guix build gnupg-2.1)/bin/gpg2 --keyserver pgp.mit.edu --recv-keys > 3D9AEBB5 > gpg: key "3D9AEBB5 #EA52ECF4" not found > gpg: (check argument of option '--hidden-encrypt-to') > $ $(guix build gnupg-2.0)/bin/gpg2 --keyserver pgp.mit.edu --recv-keys > 3D9AEBB5 > gpg: requesting key 3D9AEBB5 from hkp server pgp.mit.edu > gpg: key 3D9AEBB5: "Ludovic Courtès <[email protected]>" not changed > gpg: Nombro traktita entute: 1 > gpg: neŝanĝitaj: 1 > > I would suggest reaching out to the GnuPG mailing lists. > > Ludo’. >
Hi, I thought I figured out my mistake from 12 months ago when GnuPG broke (and I faded out using it), the question here got me motivated to look into 2.1 issues again. I got it to the point where it works again, meaning searching for keys (although I am unsure wether it uses hkp or hkps protocol), etc. ~/.gnupg$ tree . ├── crls.d │ └── DIR.txt ├── dirmngr.conf ├── gpg-agent.conf ├── gpg.conf ├── openpgp-revocs.d ├── private-keys-v1.d ├── pubring.kbx ├── pubring.kbx~ ├── random_seed ├── S.dirmngr ├── S.gpg-agent └── trustdb.gpg What I did was start from scratch with GnuPG 2.1: cat gpg.conf keyserver-options no-honor-keyserver-url include-revoked fixed-list-mode keyid-format 0xlong personal-digest-preferences SHA512 SHA384 SHA256 SHA224 default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed use-agent verify-options show-uid-validity list-options show-uid-validity cert-digest-algo SHA512 no-comments with-fingerprint no-emit-version cat dirmngr.conf keyserver hkp://hkps.pool.sks-keyservers.net hkp-cacert /home/myusername/certificates/sks-keyservers.netCA.pem cat gpg-agent.conf pinentry-program /home/myusername/.guix-profile/bin/pinentry-curses default-cache-ttl 86400 I noticed that gpg-agent needs at least those 2 entries to work with. Related question: is it intentional that there's no pinentry-gtk and pinentry-qt in Guix? -- Ni* -- http://www.libertad.pw Email is public. Talk to me in private: https://psyced.org:34443/~niasterisk privacy respecting, secure communication: BM-2cSj8qEigE3CMaLU3CwPZf7T3LvzvnttsC (bitmessage)
