Kleopatra/PGP4Win can't get user's public keys from server (SKS keyserver)

Dear Sirs/Madams,

Hope you are well.

I’m starting using Kleopatra with a SKS keyserver in my server to keep the public keys but I have been a problem. I make an user key, after that I export to the server (like image shows).
But when I try to find the user in the server throught the Kleopatra I can’t. Throught the web browser I can see that the user is in the server. But when I press in “Look up on server” option in Kleopatra nothing happens. I don’t know why but Kleopatra cant get my user keys from server.
When I try to encript one document I choose to cypher with the public key from other user but Kleopatra can’t get the oter users key from the server.
Can you help me solving such problem?
Could you recomend a better solution that Kleopatra/PGP4Win?

I already lost many time with this problem and can’t solve.
Thank you for your help.

Best regards.

img.PNG

Dear Fabio,

if the SKS keyserver currently do not work well enough, there are many other ways to exchange public keys. The best would be the web key directory solution, but this requires an email provider that offers it (see https://wiki.gnupg.org/WKD). Another one is to explicitely exchange the pubkey files.

Note that if usually take a while until the SKS keyserver network distributes a pubkey
and note that they are often accessed via a DNS pool, so if you use one server using a webbrowser and then use Kleopatra they may access different servers. If you are interested in analysing the situation you could do so, using the command line like

gpg -v --keyserver YZ --send-keys ABCD
(exchange ABC with your pubkey fingerprint and YZ with an explicit server)
gpg -v --keyserver YZ --recv-keys ABC

Another method of exchanging pubkeys is to publish them via https, download them as a file and them import them with Kleopatra.

Best Regards,
Bernhard

Thank you for you help Bernhard!

I’m using a sks keyserver in my linux ubuntu server. Probably my sks is not working well.
Could you suggest me another keyserver?

Thank you.

Hi Fabio,
you could pick any of the server listed in the pool
and test if you see your pubkey via the webinterface:

https://sks-keyservers.net/status/

Best,
Bernhard

Hi Bernhard,

I can access using Kleopatra to http://pgpkeys.eu/ (listed in the pool) and search keys there.
With kleopatra I export the key (to pgpkeys.eu), the pop up with ok message appears but I search about that user directly in the url and my user do not appears. But I can see other users.
Do you think you can send me any website with sks keyserver (or other keyserver) configurations and Kleopatra configurations that you trust?
I already did a lot of research to try to solve the problem but nothing until now.

Thank you for your help.

Regards.
Fábio

Hi Fabi,

there is an ongoing discussion about what to do about public keyservers (and their network).
So it is hard to give a recommendation right now. Here is an excerpt from
Phil Pennock from
https://lists.gnupg.org/pipermail/gnupg-users/2020-September/064129.html

<hkp://the.earth.li> is in the UK, run from the same University bunch of
folks as gave us PuTTY and has been around receiving keys from the SKS
keyservers via email for ages, so tends to be "fairly well populated",
so is where I try next after openpgp.org.

After that I hit old SKS keyservers which usually seem to work, whether
or not these entries are in the pools and _current_, since they'll at
least get me some of a key; the pool hostnames haven't been worth trying
the last several times I checked, too many bad servers.

  hkps://keyserver.ubuntu.com
  hkps://zimmermann.mayfirst.org
  hkp://keys2.kfwebs.net
  hkps://pgp.mit.edu

using WKD is the best choice if you want to distribute your pubkey, and as I personally
do not believe in keys.openpgp because it is central and created some problems
it is probably the list from Phil above that could be tried.

Hope this helps at least a little bit,
there is probably coming more about public keyservers in the next months.

Best Regards,
Bernhard

Hi,

to solve the problem is necessary to write the server’s url (and not just the server’s IP address) in kleopatra settings.
After that works very well.

Thank you.

Regards
Fábio

Hi Fabio,
thanks for the followup. Good to know it is working for you now!

(but a bit strange, I think it should be working with IP addresses as well, maybe it makes sense to file a report on dev.gnupg.org.)

Regards,
Bernhard