No default gpg.conf

I think this is why gpg --recv-key fails by default:

$ gpg --recv-key 0x04C367C218ADD4FF
gpg: keyserver receive failed: Server indicated a failure

But then I can:

$ gpg --keyserver keyserver.ubuntu.com --recv-key 0x04C367C218ADD4FF
gpg: key 04C367C218ADD4FF: "Benjamin Peterson <[email protected]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
$ cat ~/.gnupg/gpg.conf
cat: /home/tech/.gnupg/gpg.conf: No such file or directory

System:
Kernel: 5.19.10-zen1-1-zen arch: x86_64 bits: 64 compiler: gcc v: 12.2.0
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen
root=UUID=1748cca7-e422-4ed9-bd5c-3d12856f8671 rw rootflags=subvol=@
quiet splash rd.udev.log_priority=3 vt.global_cursor_default=0
systemd.unified_cgroup_hierarchy=1
resume=UUID=dbb7a323-f52a-40d2-8ad1-ca512a750c83 loglevel=3
sysrq_always_enabled=1
Desktop: KDE Plasma v: 5.25.5 tk: Qt v: 5.15.6 info: latte-dock
wm: kwin_x11 vt: 1 dm: SDDM Distro: Garuda Linux base: Arch Linux
Machine:
Type: Desktop Mobo: ASRock model: X570 Taichi serial: <superuser required>
UEFI: American Megatrends v: P4.30 date: 04/14/2021
CPU:
Info: model: AMD Ryzen 9 3900XT bits: 64 type: MT MCP arch: Zen 2 gen: 3
level: v3 built: 2020-22 process: TSMC n7 (7nm) family: 0x17 (23)
model-id: 0x71 (113) stepping: 0 microcode: 0x8701021
Topology: cpus: 1x cores: 12 tpc: 2 threads: 24 smt: enabled cache:
L1: 768 KiB desc: d-12x32 KiB; i-12x32 KiB L2: 6 MiB desc: 12x512 KiB
L3: 64 MiB desc: 4x16 MiB
Speed (MHz): avg: 4085 high: 4177 min/max: 2200/4776 boost: enabled
scaling: driver: acpi-cpufreq governor: performance cores: 1: 4129 2: 3335
3: 4154 4: 4155 5: 4158 6: 4151 7: 4173 8: 4177 9: 4158 10: 4144 11: 4152
12: 4136 13: 4175 14: 4173 15: 4128 16: 4146 17: 4153 18: 4175 19: 4150
20: 3370 21: 4154 22: 4175 23: 4090 24: 4150 bogomips: 182400
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm
Vulnerabilities:
Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: mmio_stale_data status: Not affected
Type: retbleed mitigation: untrained return thunk; SMT enabled with STIBP
protection
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via
prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer
sanitization
Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP:
always-on, RSB filling, PBRSB-eIBRS: Not affected
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics:
Device-1: AMD Navi 22 [Radeon RX 6700/6700 XT/6750 XT / 6800M]
vendor: ASRock driver: amdgpu v: kernel arch: RDNA-2 code: Navi-2x
process: TSMC n7 (7nm) built: 2020-22 pcie: gen: 4 speed: 16 GT/s
lanes: 16 ports: active: DP-1, DP-2, DP-3, HDMI-A-1 empty: none
bus-ID: 0f:00.0 chip-ID: 1002:73df class-ID: 0300
Device-2: Logitech C922 Pro Stream Webcam type: USB
driver: snd-usb-audio,uvcvideo bus-ID: 5-1:2 chip-ID: 046d:085c
class-ID: 0102 serial: <filter>
Display: x11 server: X.Org v: 21.1.4 with: Xwayland v: 22.1.3
compositor: kwin_x11 driver: X: loaded: amdgpu unloaded: modesetting,radeon
alternate: fbdev,vesa gpu: amdgpu display-ID: :0.0 screens: 1
Screen-1: 0 s-res: 7680x2036 s-dpi: 96 s-size: 2026x537mm (79.76x21.14")
s-diag: 2096mm (82.52")
Monitor-1: DP-1 mapped: DisplayPort-0 pos: 2-1 model: Acer G246HL
serial: <filter> built: 2013 res: 1920x1080 hz: 60 dpi: 92 gamma: 1.2
size: 531x299mm (20.91x11.77") diag: 609mm (24") ratio: 16:9 modes:
max: 1920x1080 min: 720x400
Monitor-2: DP-2 mapped: DisplayPort-1 pos: primary,1-2 model: LG
(GoldStar) QHD serial: <filter> built: 2021 res: 2560x1440 hz: 144
dpi: 93 gamma: 1.2 size: 697x392mm (27.44x15.43") diag: 800mm (31.5")
ratio: 16:9 modes: max: 2560x1440 min: 640x480
Monitor-3: DP-3 mapped: DisplayPort-2 pos: 4-4 model: Samsung SyncMaster
serial: <filter> built: 2006 res: 1280x1024 dpi: 86 gamma: 1.2
size: 376x301mm (14.8x11.85") diag: 482mm (19") ratio: 5:4 modes:
max: 1280x1024 min: 720x400
Monitor-4: HDMI-A-1 mapped: HDMI-A-0 pos: 3-3 model: LCD TV built: 2011
res: 1920x1080 hz: 60 dpi: 3048 gamma: 1.2 size: 16x9mm (0.63x0.35")
diag: 6mm (0.2") ratio: 15:9 modes: max: 1920x1080 min: 640x480
OpenGL: renderer: AMD Radeon RX 6700 XT (navy_flounder LLVM 14.0.6 DRM
3.47 5.19.10-zen1-1-zen) v: 4.6 Mesa 22.1.7 direct render: Yes
Audio:
Device-1: AMD Navi 21/23 HDMI/DP Audio driver: snd_hda_intel v: kernel
pcie: bus-ID: 3-5:4 gen: 4 chip-ID: 0d8c:013a class-ID: 0300 speed: 16 GT/s
lanes: 16 bus-ID: 0f:00.1 chip-ID: 1002:ab28 class-ID: 0403
Device-2: AMD Starship/Matisse HD Audio vendor: ASRock
driver: snd_hda_intel v: kernel pcie: gen: 4 speed: 16 GT/s lanes: 16
bus-ID: 11:00.4 chip-ID: 1022:1487 class-ID: 0403
Device-3: C-Media USB PnP Sound Device type: USB
driver: hid-generic,snd-usb-audio,usbhid
Device-4: Logitech C922 Pro Stream Webcam type: USB
driver: snd-usb-audio,uvcvideo bus-ID: 5-1:2 chip-ID: 046d:085c
class-ID: 0102 serial: <filter>
Sound Server-1: ALSA v: k5.19.10-zen1-1-zen running: yes
Sound Server-2: PulseAudio v: 16.1 running: no
Sound Server-3: PipeWire v: 0.3.58 running: yes
Network:
Device-1: Intel Wi-Fi 6 AX200 driver: iwlwifi v: kernel pcie: gen: 2
speed: 5 GT/s lanes: 1 bus-ID: 05:00.0 chip-ID: 8086:2723 class-ID: 0280
IF: wlp5s0 state: up mac: <filter>
Device-2: Intel I211 Gigabit Network vendor: ASRock driver: igb v: kernel
pcie: gen: 1 speed: 2.5 GT/s lanes: 1 port: f000 bus-ID: 07:00.0
chip-ID: 8086:1539 class-ID: 0200
IF: enp7s0 state: up speed: 1000 Mbps duplex: full mac: <filter>
IF-ID-1: br-782cbcb8d015 state: up speed: 10000 Mbps duplex: unknown
mac: <filter>
IF-ID-2: docker0 state: down mac: <filter>
IF-ID-3: tailscale0 state: unknown speed: -1 duplex: full mac: N/A
IF-ID-4: veth4c02ea6 state: up speed: 10000 Mbps duplex: full
mac: <filter>
IF-ID-5: veth73fe64c state: up speed: 10000 Mbps duplex: full
mac: <filter>
IF-ID-6: vethe6d881c state: up speed: 10000 Mbps duplex: full
mac: <filter>
IF-ID-7: virbr0 state: down mac: <filter>
Bluetooth:
Device-1: Intel AX200 Bluetooth type: USB driver: btusb v: 0.8
bus-ID: 3-2:2 chip-ID: 8087:0029 class-ID: e001
Report: bt-adapter ID: hci0 rfk-id: 0 state: up address: <filter>
Drives:
Local Storage: total: 2.38 TiB used: 1.79 TiB (75.0%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Samsung model: SSD 970 EVO Plus
2TB size: 1.82 TiB block-size: physical: 512 B logical: 512 B
speed: 31.6 Gb/s lanes: 4 type: SSD serial: <filter> rev: 2B2QEXM7
temp: 53.9 C scheme: GPT
ID-2: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 840 EVO 500GB
size: 465.76 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
type: SSD serial: <filter> rev: DB6Q scheme: GPT
ID-3: /dev/sdb maj-min: 8:16 type: USB model: SATA SSD size: 111.79 GiB
block-size: physical: 512 B logical: 512 B type: SSD serial: <filter>
Partition:
ID-1: / raw-size: 1.75 TiB size: 1.75 TiB (100.00%) used: 1.7 TiB (97.3%)
fs: btrfs dev: /dev/nvme0n1p2 maj-min: 259:2
ID-2: /boot/efi raw-size: 256 MiB size: 252 MiB (98.46%) used: 570 KiB
(0.2%) fs: vfat dev: /dev/nvme0n1p1 maj-min: 259:1
ID-3: /home raw-size: 1.75 TiB size: 1.75 TiB (100.00%) used: 1.7 TiB
(97.3%) fs: btrfs dev: /dev/nvme0n1p2 maj-min: 259:2
ID-4: /var/log raw-size: 1.75 TiB size: 1.75 TiB (100.00%) used: 1.7 TiB
(97.3%) fs: btrfs dev: /dev/nvme0n1p2 maj-min: 259:2
ID-5: /var/tmp raw-size: 1.75 TiB size: 1.75 TiB (100.00%) used: 1.7 TiB
(97.3%) fs: btrfs dev: /dev/nvme0n1p2 maj-min: 259:2
Swap:
Kernel: swappiness: 133 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: zram size: 62.73 GiB used: 10.94 GiB (17.4%)
priority: 100 dev: /dev/zram0
ID-2: swap-2 type: partition size: 69.07 GiB used: 0 KiB (0.0%)
priority: -2 dev: /dev/nvme0n1p3 maj-min: 259:3
Sensors:
System Temperatures: cpu: 43.0 C mobo: 40.0 C gpu: amdgpu temp: 59.0 C
mem: 58.0 C
Fan Speeds (RPM): fan-1: 0 fan-2: 1182 fan-3: 0 fan-4: 1640 fan-5: 1248
fan-6: 2191 fan-7: 0 gpu: amdgpu fan: 853
Info:
Processes: 743 Uptime: 4d 12h 54m wakeups: 0 Memory: 62.73 GiB used: 24.12
GiB (38.5%) Init: systemd v: 251 default: graphical tool: systemctl
Compilers: gcc: 12.2.0 clang: 14.0.6 Packages: pm: pacman pkgs: 2883
libs: 620 tools: octopi,pamac,paru pm: flatpak pkgs: 0 Shell: Bash
v: 5.1.16 running-in: yakuake inxi: 3.3.21
Garuda (2.6.7-1):
System install date:     2021-06-18
Last full system update: 2022-09-27 ↻
Is partially upgraded:   No
Relevant software:       NetworkManager
Windows dual boot:       No/Undetected
Snapshots:               Snapper
Failed units:            [email protected]

Maybe this belongs in development? Please move if needed :slight_smile:

Hi, you have to create your personal configuration. Even if you don't need a personal gpg key pair, it's useful to have gpg configured. Take a look at the following (and see man gpg.conf):

file $HOME/.gnupg/gpg.conf

## check this file for errors by `gpg --list-config`
# https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
# https://help.riseup.net/en/security/message-security/openpgp/best-practices
# https://github.com/lfit/itpol/blob/master/protecting-code-integrity.md
# https://wiki.gnupg.org/ECC
# gpg --quick-gen-key [email protected] future-default [default]
# gpg --default-new-key-algo "ed25519/cert,sign+cv25519/encr" --quick-generate-key "[email protected]"

# to generate enough entropy before creating a key, open a new terminal and type:
# `rngd -r /dev/urandom && haveged -n 3M -f /dev/null && haveged -e && dd bs=3M if=/dev/zero of=/tmp/test conv=fdatasync && doas ls -R /`

verbose
expert
default-recipient-self
display-charset utf-8
no-greeting
no-emit-version
no-comments
no-permission-warning
keyid-format 0xlong
with-fingerprint
with-subkey-fingerprint
with-keygrip

list-options show-usage show-notations show-keyserver-urls
verify-options show-notations show-keyserver-urls

import-options import-clean
export-options export-clean
throw-keyids

# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to
# the agent before it asks for a passphrase.
use-agent

# If no keyserver is explicitly configured, dirmngr will use the built-in
# default of https://keyserver.ubuntu.com.

# Set the proxy to use for HTTP and HKP keyservers - default to the standard
# local Tor socks proxy
# It is encouraged to use Tor for improved anonymity. Preferably use either a
# dedicated SOCKSPort for GnuPG and/or enable IsolateDestPort and
# IsolateDestAddr
#keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050
keyserver-options no-honor-keyserver-url include-subkeys timeout=5

# This preference list is used for new keys and becomes the default for
# "setpref" in the edit menu
default-preference-list SHA512 SHA384 SHA256 SHA224 CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES TWOFISH BZIP2 ZLIB ZIP Uncompressed

# see supported algo by `gpg --version` or `gpg --list-config --with-colons`
#personal-aead-preferences
personal-cipher-preferences CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES TWOFISH
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZLIB

#aead-algo
cipher-algo CAMELLIA256
digest-algo SHA512
# message digest algorithm used when signing a key
cert-digest-algo SHA512

s2k-cipher-algo CAMELLIA256
s2k-digest-algo SHA512
s2k-mode 3
s2k-count 65011712

disable-cipher-algo IDEA BLOWFISH 3DES CAST5
disable-pubkey-algo DSA

file dirmngr.conf

verbose
disable-http
connect-timeout 5
#use-tor

keyserver https://pgp.surf.nl
keyserver https://keys.mailvelope.com
keyserver https://keys.openpgp.org
keyserver https://pgp.mit.edu
# built-in default
#https://keyserver.ubuntu.com/

file gpg-agent.conf

#ttyname $GPG_TTY

enable-ssh-support
default-cache-ttl 86400
max-cache-ttl 86400

#default-cache-ttl 60480000
#max-cache-ttl 60480000

# see the list of available pinentry apps by `pacman -Ql pinentry`
pinentry-program /usr/bin/pinentry-curses
#pinentry-program /usr/bin/pinentry-gnome3
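
A quick way to see which keyservers a dirmngr.conf like the one above actually enables, and whether each is reached over TLS. This is an added example, not part of the original posts; the function names and the `hkp://keyserver.example.org` entry are made up for illustration.

```shell
#!/bin/sh
# Added example: audit the keyserver entries of a dirmngr.conf.

# Print each active (uncommented) keyserver URI found in file $1.
active_keyservers() {
    [ -r "$1" ] || return 0   # missing file: nothing configured
    awk '$1 == "keyserver" && NF >= 2 { print $2 }' "$1"
}

# Classify a keyserver URI by transport security.
classify_uri() {
    case "$1" in
        hkps://*|https://*) echo tls ;;
        hkp://*|http://*)   echo plaintext ;;
        *)                  echo unknown ;;
    esac
}

# Print "<class> <uri>" per active keyserver; return 1 if any is not TLS.
# Prints "none-configured" when dirmngr would fall back to its built-in default.
audit_dirmngr_conf() {
    servers=$(active_keyservers "$1")
    if [ -z "$servers" ]; then
        echo "none-configured"
        return 0
    fi
    rc=0
    for uri in $servers; do
        kind=$(classify_uri "$uri")
        echo "$kind $uri"
        [ "$kind" = tls ] || rc=1
    done
    return "$rc"
}

# Constructed sample input: entries in the style of the config above plus a
# made-up plaintext entry (keyserver.example.org) to show the failure case.
sample=$(mktemp)
cat > "$sample" <<'EOF'
verbose
connect-timeout 5
keyserver https://keys.openpgp.org
keyserver hkp://keyserver.example.org
#keyserver https://keyserver.ubuntu.com/
EOF

audit_dirmngr_conf "$sample" || echo "review: non-TLS keyserver configured"
rm -f "$sample"
```

To audit the live file, pass `"$(gpgconf --list-dirs homedir)/dirmngr.conf"`, and run `gpgconf --reload dirmngr` after editing it so the running daemon picks up the change.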