Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gpg: keyserver timed out #340

Closed
andricicezar opened this issue Feb 28, 2017 · 19 comments
Closed

gpg: keyserver timed out #340

andricicezar opened this issue Feb 28, 2017 · 19 comments

Comments

@andricicezar
Copy link

I started to get this error every time I try to install node myself. I run this on a machine where the build worked until today. Any advice?

Building web
Step 1 : FROM ruby:2.3.3
 ---> 015bb3c9eda3
Step 2 : RUN apt-get update && apt-get install -y cron sqlite3 gettext-base rsync --no-install-recommends && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> 7abbb6ea8dde
Step 3 : RUN set -ex   && for key in     9554F04D7259F04124DE6B476D5A82AC7E37093B     94AE36675C464D64BAFA68DD7434390BDBE9B9C5     0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93     FD3A5288F042B6850C66B31F09FE44734EB7990E     71DCFD284A79C3B38668286BC97EC7A07EDE3FC1     DD8F2338BAE7501E3DD5AC78C273792F7D83545D     B9AE9905FFD7803F25714661B63B535A4C206CA9     C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8   ; do
   gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key";   done
 ---> Running in dda750f4e732
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 9554F04D7259F04124DE6B476D5A82AC7E37093B
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key 7E37093B from hkp server ha.pool.sks-keyservers.net
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 7E37093B: public key "Christopher Dickinson <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 94AE36675C464D64BAFA68DD7434390BDBE9B9C5
gpg: requesting key DBE9B9C5 from hkp server ha.pool.sks-keyservers.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
@andricicezar
Copy link
Author

I don't know why, but sometimes goes even further, but it never finish the list. Any ideas why?

Building web
Step 1 : FROM ruby:2.3.3
 ---> 015bb3c9eda3
Step 2 : RUN apt-get update && apt-get install -y cron sqlite3 gettext-base rsync --no-install-recommends && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> 7abbb6ea8dde
Step 3 : RUN set -ex   && for key in     9554F04D7259F04124DE6B476D5A82AC7E37093B     94AE36675C464D64BAFA68DD7434390BDBE9B9C5     0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93     FD3A5288F042B6850C66B31F09FE44734EB7990E     71DCFD284A79C3B38668286BC97EC7A07EDE3FC1     DD8F2338BAE7501E3DD5AC78C273792F7D83545D     B9AE9905FFD7803F25714661B63B535A4C206CA9     C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8   ; do
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key";   done
 ---> Running in 6564b5b6cf0b
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 9554F04D7259F04124DE6B476D5A82AC7E37093B
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key 7E37093B from hkp server ha.pool.sks-keyservers.net
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 7E37093B: public key "Christopher Dickinson <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 94AE36675C464D64BAFA68DD7434390BDBE9B9C5
gpg: requesting key DBE9B9C5 from hkp server ha.pool.sks-keyservers.net
gpg: key DBE9B9C5: public key "Colin Ihrig <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93
gpg: requesting key D2306D93 from hkp server ha.pool.sks-keyservers.net
gpg: key D2306D93: public key "keybase.io/octetcloud <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys FD3A5288F042B6850C66B31F09FE44734EB7990E
gpg: requesting key 4EB7990E from hkp server ha.pool.sks-keyservers.net
gpg: key 4EB7990E: public key "Jeremiah Senkpiel <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1
gpg: requesting key 7EDE3FC1 from hkp server ha.pool.sks-keyservers.net
gpg: key 7EDE3FC1: public key "keybase.io/jasnell <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys DD8F2338BAE7501E3DD5AC78C273792F7D83545D
gpg: requesting key 7D83545D from hkp server ha.pool.sks-keyservers.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
ERROR: Service 'web' failed to build: The command '/bin/sh -c set -ex   && for key in     9554F04D7259F04124DE6B476D5A82AC7E37093B     94AE36675C464D64BAFA68DD7434390BDBE9B9C5     0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93     FD3A5288F042B6850C66B31F09FE44734EB7990E     71DCFD284A79C3B38668286BC97EC7A07EDE3FC1     DD8F2338BAE7501E3DD5AC78C273792F7D83545D     B9AE9905FFD7803F25714661B63B535A4C206CA9     C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8   ; do     gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key";   done' returned a non-zero code: 2

@chorrell
Copy link
Contributor

Network issue on your Docker host?

@pesho
Copy link
Contributor

pesho commented Feb 28, 2017

Just had a keyserver timeout myself too. Seems like part of the "HA" pool is acting up.

@pesho
Copy link
Contributor

pesho commented Feb 28, 2017

The https://sks-keyservers.net/ website is also offline btw.

@Starefossen
Copy link
Member

Starefossen commented Feb 28, 2017
edited
Loading

Hmmm.. I thought we fixed this with #31 😕

@chorrell
Copy link
Contributor

Well, we did but the OP might not be doing it the same way?

@andricicezar what does your Dockerfile look like?

@pesho
Copy link
Contributor

pesho commented Feb 28, 2017

Hmmm.. I thought we fixed this with #31

I don't think so. Before that fix the build process continued even if some key(s) failed to download. Now it (correctly) fails in such cases.

@chorrell
Copy link
Contributor

chorrell commented Feb 28, 2017
edited
Loading

Oh, that's right! #31 ensures we fail early. So I guess ha.pool.sks-keyservers.net isn't exactly "HA"? ¯\_(ツ)_/¯

@chorrell chorrell mentioned this issue Feb 28, 2017
Merged
@andricicezar
Copy link
Author

andricicezar commented Feb 28, 2017
edited
Loading

This is my Dockerfile:

FROM ruby:2.3.3

RUN apt-get update && apt-get install -y cron sqlite3 gettext-base rsync --no-install-recommends && rm -rf /var/lib/apt/lists/*

RUN set -ex \
  && for key in \
    9554F04D7259F04124DE6B476D5A82AC7E37093B \
    94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
    0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93 \
    FD3A5288F042B6850C66B31F09FE44734EB7990E \
    71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
    DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
    B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
  ; do \
    gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
  done

@chorrell
Copy link
Contributor

Can you try your build again? It seems like there were issues with ha.pool.sks-keyservers.net (as well as S3 and a whole lot of other stuff) but it might be ok now.

@andricicezar
Copy link
Author

Yeah, there were issues with ha.pool.sks-keyservers.net. I found a different server and used that instead of the ha.

Thank you for your help and this project!

@chorrell chorrell mentioned this issue Apr 6, 2017
Merged
@luislobo
Copy link

It seems like key 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 is no longer valid, I've searched it in several servers and all of them returned NOT FOUND

@chorrell
Copy link
Contributor

That's odd. It should belong to one of the members of the Node.js release team

https://github.com/nodejs/node#release-team

And I was able to import the key locally via gpg --keyserver pool.sks-keyservers.net --recv-keys 94AE36675C464D64BAFA68DD7434390BDBE9B9C5

@luislobo
Copy link

yeah, for some reason, some of the keys work in my docker file, but others dont.
I had to comment out a couple:

# Prepare NODE options, keys and repositories
## gpg keys listed at https://github.com/nodejs/node
RUN set -ex \
  && for key in \
#    94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
    FD3A5288F042B6850C66B31F09FE44734EB7990E \
#    71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
    DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
    B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    56730D5401028683275BD23C23EFEFE93C4CFFFE \
  ; do \
    gpg --keyserver pool.sks-keyservers.net --recv-keys "$key"; \
  done

@luislobo
Copy link

Both do work outside of the container though.

@luislobo
Copy link

Part of my Dockerfile:

FROM ubuntu:16.04
MAINTAINER Luis Lobo Borobia <[email protected]>

RUN apt-get update && apt-get install -y apt-utils
RUN apt-get dist-upgrade -y

## add curl as it is used after
RUN apt-get install -y curl xz-utils unzip telnet locales bzip2

## UTF-8
RUN locale-gen en_US.UTF-8
ENV LANG       en_US.UTF-8
ENV LC_ALL     en_US.UTF-8
RUN localedef -i en_US -f UTF-8 en_US.UTF-8

# Prepare NODE options, keys and repositories
## gpg keys listed at https://github.com/nodejs/node
RUN set -ex \
  && for key in \
#    94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
    FD3A5288F042B6850C66B31F09FE44734EB7990E \
#    71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
    DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
    B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    56730D5401028683275BD23C23EFEFE93C4CFFFE \
  ; do \
    gpg --keyserver pool.sks-keyservers.net --recv-keys "$key"; \
  done

@chorrell
Copy link
Contributor

Ah, so we've found that pool.sks-keyservers.net isn't too reliable (especially in out test builds) so we try multiple keyservers now:

# gpg keys listed at https://github.com/nodejs/node#release-team
RUN set -ex \
  && for key in \
    9554F04D7259F04124DE6B476D5A82AC7E37093B \
    94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
    FD3A5288F042B6850C66B31F09FE44734EB7990E \
    71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
    DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
    B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
    56730D5401028683275BD23C23EFEFE93C4CFFFE \
  ; do \
    gpg --keyserver pgp.mit.edu --recv-keys "$key" || \
    gpg --keyserver keyserver.pgp.com --recv-keys "$key" || \
    gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key" ; \
  done

@luislobo
Copy link

luislobo commented Aug 10, 2017
edited
Loading

OK, I'll try that...

FWIW, this is my current output:

[...]

+ gpg --keyserver pool.sks-keyservers.net --recv-keys C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8
gpg: requesting key CC11F4C8 from hkp server pool.sks-keyservers.net
?: pool.sks-keyservers.net: Cannot assign requested address
gpgkeys: HTTP fetch error 7: couldn't connect: Cannot assign requested address
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver unreachable
gpg: keyserver communications error: public key not found
gpg: keyserver receive failed: public key not found
The command '/bin/sh -c set -ex   && for key in     FD3A5288F042B6850C66B31F09FE44734EB7990E     DD8F2338BAE7501E3DD5AC78C273792F7D83545D     C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8     B9AE9905FFD7803F25714661B63B535A4C206CA9     56730D5401028683275BD23C23EFEFE93C4CFFFE   ; do     gpg --keyserver pool.sks-keyservers.net --recv-keys "$key";   done' returned a non-zero code: 2

@luislobo
Copy link

@chorrell it worked! Thank you!

@danhper danhper mentioned this issue Oct 21, 2017
Closed
This was referenced May 25, 2018
Closed
Closed
@AnnaDodson AnnaDodson mentioned this issue Oct 10, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@chorrell @pesho @luislobo @andricicezar @Starefossen