On Sat, Nov 15, 2025 at 8:10 AM Francesco Poli <[email protected]> wrote: > > Hello everyone! > > I had > > keyserver hkps://pgp.surf.nl > > in my ~/.gnupg/gpg.conf , but I have been experiencing issues with it > for the last few days, see the following excerpt from /var/log/syslog : > > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: selecting a different host due to a 503 (Service Unavailable) > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: selecting a different host due to a 503 (Service Unavailable) > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: selecting a different host due to a 503 (Service Unavailable) > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: selecting a different host due to a 503 (Service Unavailable) > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: selecting a different host due to a 503 (Service Unavailable) > dirmngr[3569]: error accessing > 'https://pgp.surf.nl:443/pks/lookup?op=get&options=mr&search=0x............': > http status 503 > dirmngr[3569]: command 'KS_GET' failed: No data > > > I tried to change keyserver. > The Debian wiki key signing [page] suggests the following ones (beyond > the Debian keyring one): > > * https://keyserver.ubuntu.com (recommended) > * https://keys.openpgp.org/ (used by Thunderbird) > * https://pgp.surf.nl/ > * https://pgp.mit.edu > > [page]: <https://wiki.debian.org/Keysigning> > > Among these, I only managed to make the following one work: > > keyserver hkps://pgp.mit.edu
Daniel Kahn Gillmor (dkg) recommends using a constrained keyserver like keys.openpgp.org if you want to check for certificate updates, revocation, expiration, or subkey rollover. If there's a problem with OpenPGS's keyserver, then it might be a good idea to contact them. Also note that newer OpenPGP servers can give older GnuPG clients problems. See <https://www.google.com/search?q=openpgp+gnupg+key+server+interoperability+issues>. > But it seems to work unreliably, it worked for a couple of key > refreshes, but now it's giving me: > > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: command 'KS_GET' failed: No keyserver available > dirmngr[4391]: host 'pgp.mit.edu' marked as dead > dirmngr[4391]: command 'KS_GET' failed: No keyserver available > > Which keyserver do you currently use/recommend ? > > Thanks for any help you may provide! > > P.S.: please Cc me on replies, I am not subscribed to the list. Jeff
