23

AFAIK The basic concept about gpg/pgp is that for two people who want to create trust between them is both publish a public key and private key (the private key is kept with the user who creates it, doesn't share) with strength (1024 bits at one time, 4096 now and 8192 in future and so on and on).

Now the two of them need to publish their public keys to a keyserver (similar to a phone directory) and give a link to the keyserver where those keys are published.

Now if I go to a server say https://pgp.mit.edu/ and search for ashish I will need many ones

https://pgp.mit.edu/pks/lookup?op=get&search=ashish&op=index

Let's say the Ashish I want is this one DAD95197 (just an example) how would I import that public key ?

I did try 

└─[$] gpg --keyserver pgp.mit.edu --recv-keys DAD95197

gpg: keyserver receive failed: No keyserver available

but as can be seen that didn't work.

shirish
  • 12,356
  • 2
    That worked for me, using a Debian testing system (gnupg 2.1.16-3, note that there is a bug saying 2.1.17-2 is broken—maybe that's your issue?) – derobert Jan 04 '17 at 22:40
  • The command looks good to me. I tried your command and it works for me. Maybe when you have tried the keyserver had some problem. This afternoon I also had the same error for a short time. – andreatsh Jan 04 '17 at 22:41
  • @derobert am using 2.1.17-2 could you share that bug am on https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=gnupg but there is lot to parse. I am looking at bugs from other branch but not really finding it. – shirish Jan 04 '17 at 22:44
  • 1
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849845 (tip: also check the source package bug page https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=0;ordering=normal;repeatmerged=0;src=gnupg2) – derobert Jan 04 '17 at 22:45
  • It work on debian jessie , try the keyserver : hkp://keys.gnupg.net – GAD3R Jan 05 '17 at 11:54
  • 3
    BTW, you don't need to use the keyserver to establish trust, you can just exchange the public keys directly with one another (hopefully using some kind of trusted path). – MAP Jan 06 '17 at 03:04
  • the trusted path is an issue in itself. The only way is when you meet face-to-face. – shirish Jan 06 '17 at 09:11

2 Answers2

31
gpg --keyserver pgp.mit.edu --recv-keys DAD95197

is supposed to import keys matching DAD95197 from the MIT keyserver. However the MIT keyserver often has availability issues so it’s safer to configure another keyserver.

I generally use the SKS pools; here are their results when looking for “ashish”. To import the key from there, run

gpg --keyserver pool.sks-keyservers.net --recv-keys FBF1FC87DAD95197

(never use the short key ids, they can easily be spoofed).

This answer explains how to configure your GnuPG installation to always use the SKS pools.

Stephen Kitt
  • 434,908
1

It seems the MIT server is timing out. You can also trying manually copying the key contents in a file say ashish.gpg

$ cat ashish.gpg

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: SKS 1.1.6
    Comment: Hostname: pgp.mit.edu

    mQINBFrGqCABEAC53n1+JJKaE6bHDMr4SccDgN8dOw3gLIkiQYyjv6AoP4kQ82MmxDiwDUQE
    ufhry/NHcsxAePcHLTvMHH5YhsHkcChfd/J8q6CsY1vYCALGMhCYMuUEaE74H3k3Eg1eRSdm
    ddgni5Jmu6RqK23pdTvu3SnYyQSI+15xtqd+XFRuT5Wkwci6j+UNXjDBcHjjAYhN5qZOGwCX
    UwgcNykgDK6ZeT5HOQOGnx1d/nt4wI+Er9r0UzlROTwpMsx3t194DpQ5pSln3h937hACfIkB
    YDl/s2rgRFha1Wm4DOKxrzS7ISlxp6jBC5LXUP2Ll3Y3ceiiSNMD/G8m60ZSLes/Yd1yACm3
    JB9cThrhyhO9hSPXTugnrQv8bo7/wWq2+X6yLT2XkMeHQ69OdXz0G/h+BhToTfGsnFodZjl3
    KB4TxBQ8il0hlHMb7sf3y6Tu6XIjBYIeU/gUs2XG8Bxh7avDLE/+CDmPIjY86nuEw78ANgyQ
    PwlnNiAw3RZAOAXacthfl/0kwT5s/qi2N0W+cYfxqWuxEkeBjnYl5YpU5qno/4bfz2JbGh0M
    RwYxePyUhIJC1G4A37t3zZed6fvJQQGK7PkpOaUOc5I2Z14v76Dpxzf20P1CjhxdIj1f4Y5e
    bPd2voJLh4E1ZC9lotTFfi+4105+DChw3rgkmC8IJWd5K5PYzwARAQABtC9Bc2hpc2ggUGVy
    dXJ1IDxhcGVydXJ1QGNvbnRyYWN0LnZlcmltYXRyaXguY29tPokCVAQTAQgAPhYhBNMMexab
    vcf3Fv7JLJ/SvEoIgzUcBQJaxqggAhsDBQkHhh+ABQsJCAcCBhUICQoLAgQWAgMBAh4BAheA
    AAoJEJ/SvEoIgzUc7/YP/A3gxddRiKUfkFhe1KvZmq1L5BnlMH+eOkYyzOxVSfhGwDW98SR4
    Ltl/Rjy7hwqD5bM8xJq26SoLN4dgfpPsQjXwRpEFxNFj3mP9uKzphI+t5VcosifwgEobakmM
    8eSMdldvk9T/gyjbDrTNbrNGVvLN32C0ZjfDVPkfZpjpWFb56PoPk282knJgubC2tBId/zyv
    W35+CsUVGHjYfsS6bxaSsZN/gQxN/YmBr9aRSmZSiNVBNMrdiu3q9ECt3R7skYeVZoIFu23Z
    uGzjXuMlMc1qORfRoXH5qQ5rhrVbYi2/ZlJgdJmEYzx2AgKVT3FmEiQntK9Gg2bSvOiAU+Qj
    NjGuRqTYXIJbvQxpycNhlaDSziPcp0FSRH8o4ZTEfVKOdOuHssyWKpKI3MGYsgAndDGG3hzv
    R9I4MtrIIV6b47n5Xj7LhxAu0fYR3vzMGigzJ3F1WvPYCkDzWLwkziCgSbr4EqrROmUkre/d
    94EnorA+EBiH128uSH0SfwUQwk5atxrPWmasJsOkdLwAhG260ItlU+J93rumy/6Azbt4fvvK
    qyaMdUFQqhbUISsIwtc3Vzl+VKY+0mHI1airVNPdGyYdWXmqxA6qIhFYSsr7zrNz0B2Q7sQy
    uRhb1cO+80GJ+NiZ2tFaYQ+8tF0WhIKRRvHlbkTHprQyK2L86n6sqLFDuQINBFrGqCABEACw
    p4HwbRuz2dtQLiuJcDoGek5IP0qy32tOCqPmUXt3uo9+bfoVzg4e1VTmwN32rFS4nBPoM8OY
    gHtyPW7zSNUYVb7eHxIQAe5cr785bAGayiC8fAIZoGXNE8dUG2gEbVUaGXTr73SUVtSYf1Tq
    BlRwys/Sjw5evp0fI5Jv4TJofiUXqRC5rNfxKDhmQsYy2mmFlNgzYi1+2gbFglsPo6XaMU1q
    Vzk9C2fRUzdBlFlNkXZAjL3FMrRsFRa6QZqlt+0sX/FmBFduWwUs2Xgdosl9ceDWaBI1SSDP
    WpdKOU1aijblZJkqOb37Z5w9q/zoGoNgIBw8H3VrVtv7jNtP3yxCVzoEGsNb27Vk6HsE9BTI
    aVY+WZZ81zrWKf0ww7bb6JFJjGBzYg6GEgJgPOPcU8ekV985pGWIVK1a9Gs5HQaRpn32C4nS
    xjaN+Vpqj7hIAiY5jU6+pjKS6H6jugFOywWgyRB20NaioiOqxZ6KhXxq4rXsfQcRN2xVh1Sm
    dnpkwYRul7STUNJOtoBg5mHKFJdH3zQnU+pd7+rwYfFFn0bdNCX3eTaoSt7lcKCLOno64zbW
    zRikBbmiTKrhvxYgn9TVig3nMqaJs72YaPoargM3ssMK0/1+24KIG2LVd5qBhFj8bFYWUzqv
    Nih7DZx9sL4/OfBY1NNrwpr/POqlMF0eDQARAQABiQI8BBgBCAAmFiEE0wx7Fpu9x/cW/sks
    n9K8SgiDNRwFAlrGqCACGwwFCQeGH4AACgkQn9K8SgiDNRxuZxAAoz3ZqCMRYf3btaM1bMH3
    2XcwH8TNxPvC2Sr4B0Dd76Zb1beog02rwfecOxiCikM8u2ovYqi13SnW/4H/XNLtl1c/pEqE
    WaC1BHXiHamrA3XuQdPdrLCSkULuvWN9Qpn/3oNS4gbaT+7XuizUp+VA19LK5hRFOyTdkkUf
    ihp0LnCw7FnhIxjvpNoaGe5c6bA9A7NsI9YbE0olp8V+st3tYjIYK+JPTRoim3Ku2H5dvHsY
    pHOPNxqstrMdnvv3gknz6/EDfgu25LX0fAtnwa/U3yKdNdfbMR2iCqnuDX2Eie90UODbr8qf
    gEKEJgJF56DZwlCPDVVZpVG42t3m0X7XiZWcQhxmoouxq9mcnC3okwO4dsBhQ9XCzlzQ/HJj
    iMXkS2djmhDORSDCdQlWVom1jMQPvcVtbrhgk7vXGZRB0PiGer7ja99ph3zvI9qfgZGFr4HC
    6qTEap8Vbfopo9HMj24rEsPKIq5w7zo/4BUklDw9kHdMHBiS3RBUuxxyd08AflHRLLwpqOsi
    0NvpU7slgyyFXsGWQ7WdcdvwhQNjat2IDcSdIzkd2L/VIn8AItXPC7krdcYqsL2fo3qSJnTg
    /hm6EnlC8i1IkWmvZqGoKhr/uZoN8Qk6NnuEILSwgXINpLaNIPhTpq3B4BUiVh4Mw/O4E7Wx
    6SjNPNq7RibNBLI=
    =1Ksw
    -----END PGP PUBLIC KEY BLOCK----

And then use 

$ gpg --import ashish.gpg
Arushix
  • 1,290