GPG Error: gpg --recv-key xxx | gpg: keyserver receive failed: General error

I didn't really know how else to word the title, hope it wasn't too bad :sweat_smile:
I followed the guide here to try to get Firefox Nightly to work directly from the AUR, but the command gpg --recv-key $KEYID is registering as invalid in my zsh prompt in the --recvkey part(it's in red), leading me to think that the command is just invalid.
Am I wrong? Is the command correct? I'm honestly not sure.

It is correct but your default gpg keyserver isn't working. Use a different one.

For example

gpg --keyserver keyserver.ubuntu.com --recv-key XXXXXXXXXX

Replace XXXXXXXXXX with the key ID you need.

that the recommended one that you use then?
Also will this need to be done every time the package gets updated?

This key server works for me at the moment. There are others, use any keyserver you like. Just pick one that works.

No, this is a one time thing. Only if the key changes, you need to import a new key again.

Kk, all good then.

Where can I find keyservers? Is there a place where I can find where many are hosted? Lastly then, I can't think of any, but would there be any dangers to using a non-well known keyserver?

Use your favorite search engine. However, there are not that many.
The sks-keyservers.net Pool is quite big, but if you get a bad one, you can't do anything.
Of course there are servers like pgp.mit.edu and other different university servers. They all usually sync with sks-keyservers.net . Ubuntu and other distro server also do that.

Since the certificate spamming attack, there are new servers like keys.openpgp.org but these won't work in this case.

So should I be worried about attacks from fake keys or anything? Is there anything I could get myself into?

The worst case is that you need to hard reset your system and after boot need to remove your ~/.gnupg folder. If you use a gpg key for signing/encryption make a backup.

You can configure your favorite key sever in ~/.gnupg/gpg.conf
You might need to logout and in again to see an affect.

That would be because it's

gpg --recv-keys

:wink:

what would the syntax be to add a key server? Arch wiki isn't helping much...

also the file didn't exist yet :sweat_smile:

Only if you want to add more than one. If you want to add only one --recv-key is perfectly fine. If you want to import more than one you need to use --recv-keys

But of course the --recv-key option is only mentioned in text in the man page and not as a specific option.

Ah, well it's not in the zsh completion file, either. :stuck_out_tongue_winking_eye:

1 Like

@xabbu I'm appearing to be getting the same key error when installing Dropbox. I know how to fix it, but I don't know how to permanantly add the key or the key server.

The dropbox packages uses a different key. Try also to use the --keyserver option.

gpg --keyserver keyserver.ubuntu.com --recv-key FC918B335044912E

You can crate the ~/.gnupg/gpg.conf and put in

keyserver hkp://keyserver.ubuntu.com

worked like a charm :wink: thanks

1 Like

Forum kindly sponsored by