OK ... I've done some more digging. The command
KEYSERVER --clear was failing because it doesn't like the embedded username and password, i.e. it only works if the configuration just specifies ldaps://login.linaro.org. So, stripping the username and password out gets *that* bit of the code to work but ultimately fails when the code tries to send the key because it no longer has any authentication information. How/where am I supposed to specify the username and password? I've tried specifying: keyserver-options binddn="uid=user1,ou=PGP Keys,dc=EXAMPLE,dc=ORG" keyserver-options bindpw=PASSWORD which is what https://wiki.gnupg.org/LDAPKeyserver suggests, but the software complains they are unrecognised; I suspect that gnupg 2.1 removed those but it isn't clear if they got replaced by something else. Thanks. Philip On 8 April 2016 at 12:19, Philip Colmer <philip.col...@linaro.org> wrote: > On 8 April 2016 at 11:55, Kristian Fiskerstrand > <kristian.fiskerstr...@sumptuouscapital.com> wrote: >>>> is ldap listed as a schema when doing KEYSERVER --help ? you can >>>> also check if ldd /usr/bin/dirmngr shows a linkage to libldap > > Thanks for this suggestion. dirmngr wasn't listing ldap, so I've > installed the extra bits, rebuilt and now it is. > > However, unfortunately, now --send-key breaks earlier than it was :( > > gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache > memstat trust hashing cardio ipc clock lookup extprog > gpg: DBG: [not enabled in the source] start > gpg: DBG: chan_3 <- # Home: /home/ubuntu/.gnupg > gpg: DBG: chan_3 <- # Config: /home/ubuntu/.gnupg/dirmngr.conf > gpg: DBG: chan_3 <- OK Dirmngr 2.1.11 at your service > gpg: DBG: connection to the dirmngr established > gpg: DBG: chan_3 -> GETINFO version > gpg: DBG: chan_3 <- D 2.1.11 > gpg: DBG: chan_3 <- OK > gpg: DBG: chan_3 -> KEYSERVER --clear > ldaps://<DN>:<password>@login.linaro.org?dc=linaro,dc=org > gpg: DBG: chan_3 <- ERR 167772161 General error <Dirmngr> > gpg: no keyserver known > gpg: keyserver send failed: No keyserver available > gpg: DBG: chan_3 -> BYE > gpg: DBG: [not enabled in the source] stop > > This used to be the output ... > > gpg: DBG: [not enabled in the source] start > gpg: DBG: chan_3 <- # Home: /home/ubuntu/.gnupg > gpg: DBG: chan_3 <- # Config: /home/ubuntu/.gnupg/dirmngr.conf > gpg: DBG: chan_3 <- OK Dirmngr 2.1.11 at your service > gpg: DBG: chan_4 <- # Home: /home/ubuntu/.gnupg > gpg: DBG: chan_4 <- # Config: /home/ubuntu/.gnupg/dirmngr.conf > gpg: DBG: chan_4 <- OK Dirmngr 2.1.11 at your service > gpg: DBG: connection to the dirmngr established > gpg: DBG: chan_4 -> GETINFO version > gpg: DBG: chan_4 <- D 2.1.11 > gpg: DBG: chan_4 <- OK > gpg: DBG: chan_4 -> KEYSERVER --clear ldaps://<DN>:<password>@login.linaro.org > gpg: DBG: chan_4 <- OK > gpg: DBG: chan_4 -> KEYSERVER > gpg: DBG: chan_4 <- S KEYSERVER ldaps://uid=<DN>:<password>@login.linaro.org > gpg: DBG: chan_4 <- OK > gpg: DBG: [not enabled in the source] keydb_new > gpg: DBG: [not enabled in the source] keydb_search enter > > Regards > > Philip _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
