La foret rouge
Published on

Amazon Linux - gpg: keyserver receive failed: No dirmngr

Authors
  • avatar
    Name
    신주용

문제 상황

aws EC2 인스턴스를 Amazon Linux로 만들어 사용하던 중 rvm을 설치하려고 했습니다. 설치 과정에서 gpg 키를 추가하기 위해 명령어를 실행했는데 다음과 같은 오류를 만났습니다.

[ec2-user@ec2 ~]$ gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg: keyserver receive failed: No dirmngr

시도

dirmngr은 X.509 인증서와 관련된 서버로 내부적으로 호출된다고 합니다1. 이게 없다고 하니 일단 설치를 시도해봅니다2.

[ec2-user@ec2 ~]$ sudo yum install dirmngr
Last metadata expiration check: 1:02:15 ago on Wed Jun 26 00:25:06 2024.
Error:
 Problem: problem with installed package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from @System conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux
  - conflicting requests
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from @System conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux
  - package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux conflicts with gnupg2 provided by gnupg2-2.3.7-1.amzn2023.0.4.x86_64 from amazonlinux
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages)

amazonlinux에 기존에 이미 gnupg2-minimal 패키지가 설치가 있었던 것 같은데 이것과 충돌이 있는 것 같습니다. 이 문제와 동일한 문제를 겪은 사람의 GitHub 이슈에 따르면 위 로그 마지막에 나온 것처럼 --allowerasing을 붙여서 설치를 했다고 합니다3.

[ec2-user@ec2 ~]$ sudo yum install dirmngr --allowerasing
Last metadata expiration check: 1:13:44 ago on Wed Jun 26 00:25:06 2024.
Dependencies resolved.
======================================================================================================================
 Package                        Architecture       Version                              Repository               Size
======================================================================================================================
Installing:
 gnupg2                         x86_64             2.3.7-1.amzn2023.0.4                 amazonlinux             2.5 M
Installing dependencies:
 libksba                        x86_64             1.6.3-1.amzn2023.0.2                 amazonlinux             159 k
 # ...
Removing dependent packages:
 gnupg2-minimal                 x86_64             2.3.7-1.amzn2023.0.4                 @System                 917 k

Transaction Summary
======================================================================================================================
Install  12 Packages
Remove    1 Package

Total download size: 12 M
Is this ok [y/N]: y
# ...

Installed:
  gnupg2-2.3.7-1.amzn2023.0.4.x86_64                       gnupg2-smime-2.3.7-1.amzn2023.0.4.x86_64
# ...
Removed:
  gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64

Complete!

결과

dirmngr 설치를 했으니 다시 gpg 키 추가를 시도해봅니다.

[ec2-user@ec2 ~]$ gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg: key 105BD0E739499BDB: 1 duplicate signature removed
gpg: /home/ec2-user/.gnupg/trustdb.gpg: trustdb created
gpg: key 105BD0E739499BDB: public key "Piotr Kuczynski <piotr.kuczynski@gmail.com>" imported
gpg: key 3804BB82D39DC0E3: public key "Michal Papis (RVM signing) <mpapis@gmail.com>" imported
gpg: Total number processed: 2
gpg:               imported: 2

정상적으로 잘 되었습니다.

추가 의견

참고했던 GitHub 이슈의 작성자는 문제 해결이 안 된 것으로 보였습니다. timeout이 발생한다고 하던데, gpg 키를 저장해두는 서버의 문제일 수도 있다는 생각을 했습니다.

  • 제 경우에도 rvm 문서에 나온 다른 키 서버로 바꿔서 시도해봤는데 안된 경우가 있었습니다.

    rvm gpg
    [ec2-user@ec2 ~]$ gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg: keyserver receive failed: Server indicated a failure

참고: 이 글에서 언급되었으나 깊게 설명하지 않은 내용입니다.

  • GPG(GNU Privacy Guard)4.

Footnotes

  1. "1 About Dirmngr." gnupg.org. https://www.gnupg.org/documentation/manuals/dirmngr/Introduction.html (accessed Jun. 27, 2024).

  2. Hunter.S.Thompson. "gpg: keyserver receive failed: No dirmngr." StackExchange. https://unix.stackexchange.com/questions/401547/gpg-keyserver-receive-failed-no-dirmngr#401548 (accessed Jun. 27, 2024).

  3. "DNF Command Reference." DNF. https://dnf.readthedocs.io/en/latest/command_ref.html#options-label (accessed Jun. 27, 2024).

  4. "THE GNU PRIVACY GUARD." gnupg.org. https://gnupg.org (accessed Jun. 27, 2024).