Unknown error when search keys from server

anon20552214 · October 30, 2020, 4:22am

Hello

I have noticed some of the same issues on the forum page, but none of them seem to mention the root of the problem.

The same problem is that when pressing the “Look up on server” option in Kleopatra, nothing happens. But through testing, I found that using gpg --search-keys under the command line will receive an unknown error as shown below (personal information has been replaced with xxx):

C:\Users\xxx>gpg --keyserver hkps://hkps.pool.sks-keyservers.net --search-keys xxx
gpg: error searching keyserver: Unknown error
gpg: keyserver search failed: Unknown error

I can be sure that this is not a problem with my network or sks server, because at the same time, I can search normally using the gpg included in “Git for Windows”

By setting up a full debug log, I found the problem seems on Dirmngr, some related logs are as follows:

gpg: DBG: chan_0x00000238 ← # Config: [none]
gpg: DBG: chan_0x00000238 ← OK Dirmngr 2.2.23 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_0x00000238 → GETINFO version
gpg: DBG: chan_0x00000238 ← D 2.2.23
gpg: DBG: chan_0x00000238 ← OK
gpg: DBG: chan_0x00000238 → KEYSERVER --clear hkps://hkps.pool.sks-keyservers.net
gpg: DBG: chan_0x00000238 ← OK
gpg: DBG: chan_0x00000238 → KS_SEARCH – xxx
gpg: DBG: chan_0x00000238 ← ERR 167804995 Unknown error
gpg: error searching keyserver: Unknown error
gpg: keyserver search failed: Unknown error
gpg: DBG: chan_0x00000238 → BYE
gpg: DBG: [not enabled in the source] stop

As shown above, a problem occurred during the KS_SEARCH step, and an Unknown error was returned.
I mentioned above that I can use the gpg included in “Git for Windows” on the same computer normally, so I also make some tests for the gpg included in “Git for Windows”, all things normal, crocet data reviced during the KS_SEARCH step

As I mentioned above, I can normally use the gpg included in “Git for Windows” on the same computer, so I also make some tests on the gpg contained in “Git for Windows”, and everything is normal. The correct data was returned in the KS_SEARCH step.

I already lost many time with this problem and can’t solve. Can someone help me solve this problem?

(Since I am not a native English speaker, there may be some grammatical problems, I hope I have described the problem clearly, please forgive me)

Best regards.

bernhard · October 30, 2020, 3:12pm

Hi N F,

thanks for helping to analyse the situation

I did a fresh new test with Gpg4win 3.1.13, started Kleopatra and
use the search on server button and searched for “Bernhard Reiter”.
After a few seconds I found some public keys.
Then I could see details and also import.

So there are some conditions where this works.

On the other hand, I’ve tried your command line and it did not work for me a few times.
My guess till is: It depends on the keyserver you are actually getting.

Try
gpg --keyserver hkp://keys.andreas-puls.de --search-keys xxx

What version of GnuPG has “git for windows”?

Regards,
Bernhard

anon20552214 · October 30, 2020, 4:12pm

Thank you for your reply.

I have tested your command, unfortunately, the error still exists.
I used the latest “git for windows”, and the gunpg version is also 2.2.23.

I also tried some other 3.x versions of gpg4win, all have this problem.
Actually, I don’t know if it is caused by the software or my operating environment. If it can run normally on most people’s computers, I think it might be the latter.

There are so many software on my computer that I can’t check it one by one.
Fortunately, I don’t need to import many keys, so it is not too troublesome.

Thanks again

bernhard · October 30, 2020, 4:56pm

Hi N F,
thanks for testing again.
There could be a firewall blocking ports that are usually used for the hkp protocol?
(I think it is default port number (11371) )

Best Regards,
Bernhard

anon20552214 · October 30, 2020, 5:22pm

Hi Bernhard,

I just checked it with tcping (a tool for ping over a tcp connection), and the port is open.

I don’t think this is caused by the firewall, as I have already said, the same command works fine on the gunpg included in “git for windows”, so it is unlikely to be caused by the network related factors.

bernhard · October 31, 2020, 11:27am

Hi N F,
in some of my tests I also had a strange behaviour at some times, so there probably is a factor that is making a difference sometimes. My guess is that it has to do with the internal table of dirmngr about OpenPGP public keyservers, it is just unclear how this could be different with git for windows’ GnuPG build, if this is the same version.

Best Regards,
Bernhard

anon87975683 · November 2, 2020, 2:57pm

Hello Bernhard,

thank you for your help. I will try to resolve.

Regards.

Fábio

bernhard · November 3, 2020, 4:35pm

Hello,
the next step probably is to use ipc,dns debug options for dirmngr and see what the error message really means.

Best,
Bernhard