Is there a way to GLOBALLY set the DEFAULT keyserver for gpg on Debian?

Question

I am not asking for per-request of a key, I know how to do that, but I want a chosen alternative gpg keyserver to be defaulted to, when no specific keyserver is specified in a request then-on-out.

Any ideas?

score 17 · Answer 1 · edited May 19 '16 at 13:10

17

At ubuntu a standard keyserver is set.

You can add the entry:

keyserver NAME_OF_KEYSERVER

in file ~/.gnupg/gpg.conf

edited May 19 '16 at 13:10

techraf

5,941

answered May 19 '16 at 12:31

eisenbahnfan

171

score 4 · Answer 2 · answered Jul 16 '15 at 08:04

According to the doc, gpg has no global configuration file, it is strictly user-based and takes the config only from the ~/.gnupg directory or from a directory specified by --homedir option on the command line.

As @sim noted, one solution is to alter the default skeleton file for creating the user's cfg file. On Debian, it is located here /usr/share/gnupg/options.skel

In the man page of gpgconf utility, there arises a second possibility:

--apply-defaults
          Update all configuration files with values taken from the global configuration file (usually ‘/etc/gnupg/gpgconf.conf’).

The keyserver option is supported, you can check with:

gpgconf --list-options gpg

So placing the dafault keyserver in the /etc/gnupg/gpgconf.conf and calling gpgconf --apply-defaults for the particular user could be used also.

And the line inside gpgconf.conf that would set keyserver to Ubuntu one for any user would be * gpg keyserver [change] "hkp://keyserver.ubuntu.com:80. — dvim, Aug 08 '20 at 10:47

score 2 · Answer 3 · answered Sep 14 '14 at 01:36

Looking at the gpg commands man page and how it behaves when there is no $HOME/.gnugpg directory present I'm not sure how this would work. When you have no $HOME/.gnugpg directory present, gpg will create one for you.

$ gpg --list-keys --fingerprint
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created

The only idea I can conceive of here would be to put your default key server in the file that's used to populate a user's directory when they run gpg for the first time, but this is only marginally going to give you what you want.

So in my analysis I do not see a way to do what you ask.

Is there a way to GLOBALLY set the DEFAULT keyserver for gpg on Debian?

3 Answers3