Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
sigra
n00b
n00b


Joined: 03 Feb 2006
Posts: 72

PostPosted: Mon Jun 18, 2018 10:50 pm    Post subject: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net Reply with quote

Since a few weeks, Gentoo syncs no more. It only says forever:
Code:
OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: Server indicated a failure
The system will be outdated and vulnerable in a while and therefore unusable.
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5225

PostPosted: Tue Jun 19, 2018 5:14 pm    Post subject: Reply with quote

There are many, many, many people having this problem right now, so you're not the only one.

Recommend changing your sync method to webrsync-gpg until gentoo's critical infrastructure becomes a bit more dependable.
Back to top
View user's profile Send private message
araxon
n00b
n00b


Joined: 25 May 2011
Posts: 48

PostPosted: Wed Jun 27, 2018 9:00 am    Post subject: Reply with quote

I'm experiencing the same issue on one of my many gentoo installations. The decision to push this feature on users seems to be rushed and unnecessary.
Back to top
View user's profile Send private message
sigra
n00b
n00b


Joined: 03 Feb 2006
Posts: 72

PostPosted: Wed Jun 27, 2018 5:03 pm    Post subject: Reply with quote

I was able to sync with
Code:
emerge-webrsync
. (It seems to use a daily snapshot. So it will not work to get a particular fix as soon as it is committed.)
Back to top
View user's profile Send private message
cjmayo
n00b
n00b


Joined: 05 Nov 2004
Posts: 27

PostPosted: Wed Jul 04, 2018 7:24 pm    Post subject: Reply with quote

If using systemd, versions less than 239 cause these errors.

https://github.com/systemd/systemd/issues/8164
Back to top
View user's profile Send private message
araxon
n00b
n00b


Joined: 25 May 2011
Posts: 48

PostPosted: Sun Jul 08, 2018 4:42 pm    Post subject: Reply with quote

cjmayo wrote:
If using systemd, versions less than 239 cause these errors.

https://github.com/systemd/systemd/issues/8164

Thank you, but I'm not using systemd.
Sadly, the error on the particular computer still persists, even without systemd.
Back to top
View user's profile Send private message
araxon
n00b
n00b


Joined: 25 May 2011
Posts: 48

PostPosted: Wed Aug 08, 2018 11:59 am    Post subject: Reply with quote

Well, this is new (now it is "General error" instead of "Server indicated a failure"):
Code:
smrek ~ # emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
 * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
 * Refreshing keys from keyserver ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

...

The error is spreading to more of my servers.
Back to top
View user's profile Send private message
nvertigo
n00b
n00b


Joined: 01 Aug 2014
Posts: 6

PostPosted: Thu Aug 09, 2018 8:05 am    Post subject: Reply with quote

araxon wrote:
Well, this is new (now it is "General error" instead of "Server indicated a failure"):
Code:
smrek ~ # emerge --sync
>>> Syncing repository 'gentoo' into '/usr/portage'...
 * Using keys from /usr/share/openpgp-keys/gentoo-release.asc
 * Refreshing keys from keyserver ...OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

OpenPGP keyring refresh failed:
gpg: refreshing 4 keys from hkps://hkps.pool.sks-keyservers.net
gpg: keyserver refresh failed: General error

...

The error is spreading to more of my servers.


After over 15 years of using gentoo, this is the first time something preventing portage syncing for more then a week. Though this is really annoying and I completely agree new features should only be shipped if working, we can still sync without it (last line):
Code:

adler ~ # cat /etc/portage/repos.conf/gentoo.conf
[DEFAULT]
main-repo = gentoo

[gentoo]
location = /usr/portage
sync-type = rsync
auto-sync = yes
sync-uri = rsync://rsync.de.gentoo.org/gentoo-portage
sync-rsync-verify-metamanifest = no


With "sync-rsync-verify-metamanifest = no" not only the verification itself is skiped, but also the key updates. Voila, working like before.

EDIT:
This doesn't mean gentoo does not need to fix this. Ensuring data integrity gets more important every day!

EDIT2: For completeness: I'm using openrc.
Back to top
View user's profile Send private message
araxon
n00b
n00b


Joined: 25 May 2011
Posts: 48

PostPosted: Thu Aug 09, 2018 8:59 am    Post subject: Reply with quote

Quote:
sync-rsync-verify-metamanifest = no

Sadly, that is slowly becoming my default setting. From my point of view, the feature is broken and released prematurely.

Maybe there is something wrong with my configuration, but after many search attempts I have no clue what, and the error message itself is so cryptic that it does not help either.
Back to top
View user's profile Send private message
Leio
Developer
Developer


Joined: 27 Feb 2003
Posts: 412
Location: Estonia

PostPosted: Fri Aug 10, 2018 9:45 am    Post subject: Reply with quote

This should work better with >=app-portage/gemato-14.0
_________________
GNOME team lead; GStreamer; MIPS/ARM64
Back to top
View user's profile Send private message
yoshi314
l33t
l33t


Joined: 30 Dec 2004
Posts: 847
Location: PL

PostPosted: Tue Oct 02, 2018 7:33 am    Post subject: Reply with quote

i'm been having this breakage for the last week.

There should be a fallback in case key server is not available.
_________________
~amd64
shrink your /usr/portage with squashfs+aufs
Back to top
View user's profile Send private message
CitizenKepler
n00b
n00b


Joined: 20 Jul 2012
Posts: 2
Location: Houston, TX

PostPosted: Wed Oct 10, 2018 8:41 pm    Post subject: Reply with quote

I also have come by this on one of my cloud installs. I would love to see an option to emerge such as --skip-verify to workaround this issue when it does occur
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum