gpg: no valid OpenPGP data found

Question

I am trying to make sense of the following two serverfault posts:

How to verify a file using an asc signature file?

and

gpg --import bind-9.9.4.tar.gz.sha1.asc fails with no valid OpenPGP data found

In my case here is what I do :

$ wget http://www.chronox.de/libkcapi/libkcapi-1.1.5.tar.xz
$ wget http://www.chronox.de/libkcapi/libkcapi-1.1.5.tar.xz.asc
$ gpg libkcapi-1.1.5.tar.xz.asc
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: assuming signed data in 'libkcapi-1.1.5.tar.xz'
gpg: Signature made Wed 31 Jul 2019 10:01:53 AM CEST
gpg:                using RSA key 3BCC43D4D2C87D1784B69EE4421EE936326AC15B
gpg: Can't check signature: No public key
$ gpg --recv-keys  3BCC43D4D2C87D1784B69EE4421EE936326AC15B
gpg: key 421EE936326AC15B: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

It seems this key has an issue so I cannot verify the tarball, still the same issue:

$ gpg  libkcapi-1.1.5.tar.xz.asc
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: assuming signed data in 'libkcapi-1.1.5.tar.xz'
gpg: Signature made Wed 31 Jul 2019 10:01:53 AM CEST
gpg:                using RSA key 3BCC43D4D2C87D1784B69EE4421EE936326AC15B
gpg: Can't check signature: No public key

What am I missing ? Or is there something special with this key:

$ gpg --keyid-format long --show-key libkcapi-1.1.5.tar.xz.asc
gpg: no valid OpenPGP data found.

Update here is my server:

$ gpg -vv --receive-keys 3BCC43D4D2C87D1784B69EE4421EE936326AC15B
gpg: data source: https://keys.openpgp.org:443

What should be a good/reliable server instead ?

Update2:

$ gpg --version
gpg (GnuPG) 2.2.12
libgcrypt 1.8.4
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/mathieu/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

I like the fact that this question is a copy/paste from two other questions on serverfault, but for some reason this one does not belong here... — malat, Oct 03 '19 at 05:56

score 2 · Accepted Answer · answered Oct 02 '19 at 16:18

2

It's possible you're pointing at a bad keyserver?

I get:

○ → gpg --recv-keys 3BCC43D4D2C87D1784B69EE4421EE936326AC15B
gpg: key 421EE936326AC15B: public key "Stephan Mueller <sm@eperm.de>" imported
gpg: Total number processed: 1
gpg:               imported: 1

answered Oct 02 '19 at 16:18

MikeyB

38,725
10
102
186

So, how would one point to a good keyserver? Or even know what a good keyserver is? – Ed Randall Jul 13 '21 at 20:18

gpg: no valid OpenPGP data found

1 Answers1