Configuring and using additional repositories requires APT public key management to validate the Release file and downloaded packages.
Basic dependencies
Install dirmngr using the following command to perform network operations as described here.
$ sudo apt-get install dirmngr --install-recommends
Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: dbus-user-session pinentry-gnome3 tor The following NEW packages will be installed: dirmngr 0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 595 kB of archives. After this operation, 1,110 kB of additional disk space will be used. Get:1 http://ftp.task.gda.pl/debian stretch/main amd64 dirmngr amd64 2.1.18-8~deb9u1 [595 kB] Fetched 595 kB in 0s (1,882 kB/s) Selecting previously unselected package dirmngr. (Reading database ... 26571 files and directories currently installed.) Preparing to unpack .../dirmngr_2.1.18-8~deb9u1_amd64.deb ... Unpacking dirmngr (2.1.18-8~deb9u1) ... Processing triggers for man-db (2.7.6.1-2) ... Setting up dirmngr (2.1.18-8~deb9u1) ...
Enable HTTPS protocol for APT, as described here.
$ sudo apt-get install apt-transport-https
Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: apt-transport-https 0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 171 kB of archives. After this operation, 243 kB of additional disk space will be used. Get:1 http://ftp.task.gda.pl/debian stretch/main amd64 apt-transport-https amd64 1.4.8 [171 kB] Fetched 171 kB in 0s (831 kB/s) Selecting previously unselected package apt-transport-https. (Reading database ... 26565 files and directories currently installed.) Preparing to unpack .../apt-transport-https_1.4.8_amd64.deb ... Unpacking apt-transport-https (1.4.8) ... Setting up apt-transport-https (1.4.8) ...
Add supplementary repository
I will add the RabbitMQ repository as it is an excellent example of the most common usage scenario.
$ echo "deb https://dl.bintray.com/rabbitmq/debian stretch main" | sudo tee /etc/apt/sources.list.d/bintray.rabbitmq.list
Update package index to notice the missing public key.
$ sudo apt-get update
Hit:1 http://security.debian.org/debian-security stretch/updates InRelease Ign:2 http://ftp.task.gda.pl/debian stretch InRelease Hit:3 http://ftp.task.gda.pl/debian stretch-updates InRelease Hit:4 http://ftp.task.gda.pl/debian stretch Release Ign:5 https://dl.bintray.com/rabbitmq/debian stretch InRelease Get:7 https://dl.bintray.com/rabbitmq/debian stretch Release [54.1 kB] Get:8 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg [821 B] Ign:8 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg Get:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages [867 B] Fetched 55.8 kB in 2s (23.4 kB/s) Reading package lists... Done W: GPG error: https://dl.bintray.com/rabbitmq/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B73A36E6026DFCA W: The repository 'https://dl.bintray.com/rabbitmq/debian stretch Release' is not signed. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details.
Release signature cannot be verified due to missing 6B73A36E6026DFCA public key.
$ apt-key list
/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
126C 0D24 BD8A 2942 CC7D F8AC 7638 D044 2B90 D010
uid [ unknown] Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906
uid [ unknown] Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub rsa4096 2013-08-17 [SC] [expires: 2021-08-15]
75DD C3C4 A499 F1A1 8CB5 F3C8 CBF8 D6FD 518E 17E1
uid [ unknown] Jessie Stable Release Key <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
E1CF 20DD FFE4 B89E 8026 58F1 E0B1 1894 F66A EC98
uid [ unknown] Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
6ED6 F5CB 5FA6 FB2F 460A E88E EDA0 D238 8AE2 2BA9
uid [ unknown] Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub rsa4096 2017-05-20 [SC] [expires: 2025-05-18]
067E 3C45 6BAE 240A CEE8 8F6F EF0F 382A 1A7B 6500
uid [ unknown] Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub rsa4096 2012-04-27 [SC] [expires: 2020-04-25]
A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553
uid [ unknown] Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub rsa4096 2012-05-08 [SC] [expires: 2019-05-07]
ED6D 6527 1AAC F0FF 15D1 2303 6FB2 A1C2 65FF B764
uid [ unknown] Wheezy Stable Release Key <debian-release@lists.debian.org>
Add missing key using the old way
This method will use /etc/apt/trusted.gpg GPG key public ring file. Therefore I will call it the old way. There is nothing wrong with that method. It just uses a single file to store trusted public keys instead of multiple ones.
If you already know the URL address for the required key, then use wget or curl to download and import the public key.
$ wget --quiet --output-document - https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc | sudo apt-key add - OK
$ curl --silent https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc | sudo apt-key add - OK
Alternatively, get the public key from a keyserver, import it and delete it afterward.
$ gpg --keyserver pgp.mit.edu --recv-key 6B73A36E6026DFCA
gpg: /home/milosz/.gnupg/trustdb.gpg: trustdb created gpg: key 6B73A36E6026DFCA: public key "RabbitMQ Release Signing Key <info@rabbitmq.com>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1
$ gpg --export --armor 6B73A36E6026DFCA | sudo apt-key add - OK
$ gpg --batch --yes --delete-key 6B73A36E6026DFCA
This can be simplified to just one clean step by using apt-key to execute gpg.
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key 6B73A36E6026DFCA
Executing: /tmp/apt-key-gpghome.TfFkjHmH5b/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-key 6B73A36E6026DFCA gpg: key 6B73A36E6026DFCA: public key "RabbitMQ Release Signing Key <info@rabbitmq.com>" imported gpg: Total number processed: 1 gpg: imported: 1 </info@rabbitmq.com>
Regardless of the approach you choose, the outcome will be the same.
$ apt-key list
/etc/apt/trusted.gpg
--------------------
pub rsa4096 2016-05-17 [SC]
0A9A F211 5F46 87BD 2980 3A20 6B73 A36E 6026 DFCA
uid [ unknown] RabbitMQ Release Signing Key <info@rabbitmq.com>
sub rsa4096 2016-05-17 [E]
/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
126C 0D24 BD8A 2942 CC7D F8AC 7638 D044 2B90 D010
uid [ unknown] Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906
uid [ unknown] Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub rsa4096 2013-08-17 [SC] [expires: 2021-08-15]
75DD C3C4 A499 F1A1 8CB5 F3C8 CBF8 D6FD 518E 17E1
uid [ unknown] Jessie Stable Release Key <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
E1CF 20DD FFE4 B89E 8026 58F1 E0B1 1894 F66A EC98
uid [ unknown] Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
6ED6 F5CB 5FA6 FB2F 460A E88E EDA0 D238 8AE2 2BA9
uid [ unknown] Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub rsa4096 2017-05-20 [SC] [expires: 2025-05-18]
067E 3C45 6BAE 240A CEE8 8F6F EF0F 382A 1A7B 6500
uid [ unknown] Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub rsa4096 2012-04-27 [SC] [expires: 2020-04-25]
A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553
uid [ unknown] Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub rsa4096 2012-05-08 [SC] [expires: 2019-05-07]
ED6D 6527 1AAC F0FF 15D1 2303 6FB2 A1C2 65FF B764
uid [ unknown] Wheezy Stable Release Key <debian-release@lists.debian.org>
You can update the package index.
$ apt-get update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [63.0 kB] Ign:2 http://ftp.task.gda.pl/debian stretch InRelease Hit:3 http://ftp.task.gda.pl/debian stretch-updates InRelease Hit:4 http://ftp.task.gda.pl/debian stretch Release Ign:5 https://dl.bintray.com/rabbitmq/debian stretch InRelease Get:7 https://dl.bintray.com/rabbitmq/debian stretch Release [54.1 kB] Get:8 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg [821 B] Hit:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Ign:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Get:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages [709 B] Hit:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Fetched 118 kB in 2s (49.6 kB/s) Reading package lists... Done
Add missing key using the modern way
This method will use /etc/apt/trusted.gpg.d/ directory to store GPG key public ring files. Therefore I will call it the modern way as it is easier to inspect and organize a bunch of independent files. It is available since the beginning of the 2017 year if my memory serves me correctly (add TrustedParts, so in the future new keyrings can just be dropped commit).
If you already know the URL address for the required public key, then use wget or curl to download and import it. Remember to update file permissions from 600 to 644.
$ wget --quiet --output-document - https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc | \ sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/rabbit.gpg --import OK
$ curl --silent https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc | \ sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/rabbit.gpg --import OK
$ sudo chmod 644 /etc/apt/trusted.gpg.d/rabbit.gpg
Alternatively, get the key from a keyserver, import it and delete it afterward.
$ sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/rabbit.gpg --keyserver keyserver.ubuntu.com --recv 6B73A36E6026DFCA
gpg: keyring '/etc/apt/trusted.gpg.d/rabbit.gpg' created gpg: key 6B73A36E6026DFCA: public key "RabbitMQ Release Signing Key <info@rabbitmq.com>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1
$ sudo chmod 644 /etc/apt/trusted.gpg.d/rabbit.gpg
This can be simplified to just one clean step by using apt-key to execute gpg.
$ sudo apt-key --keyring /etc/apt/trusted.gpg.d/rabbit.gpg adv --no-default-keyring --keyserver keyserver.ubuntu.com --recv 6B73A36E6026DFCA
Regardless of the approach you choose, the outcome will be the same.
$ apt-key list
/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
126C 0D24 BD8A 2942 CC7D F8AC 7638 D044 2B90 D010
uid [ unknown] Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906
uid [ unknown] Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub rsa4096 2013-08-17 [SC] [expires: 2021-08-15]
75DD C3C4 A499 F1A1 8CB5 F3C8 CBF8 D6FD 518E 17E1
uid [ unknown] Jessie Stable Release Key <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
E1CF 20DD FFE4 B89E 8026 58F1 E0B1 1894 F66A EC98
uid [ unknown] Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
6ED6 F5CB 5FA6 FB2F 460A E88E EDA0 D238 8AE2 2BA9
uid [ unknown] Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub rsa4096 2017-05-20 [SC] [expires: 2025-05-18]
067E 3C45 6BAE 240A CEE8 8F6F EF0F 382A 1A7B 6500
uid [ unknown] Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub rsa4096 2012-04-27 [SC] [expires: 2020-04-25]
A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553
uid [ unknown] Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub rsa4096 2012-05-08 [SC] [expires: 2019-05-07]
ED6D 6527 1AAC F0FF 15D1 2303 6FB2 A1C2 65FF B764
uid [ unknown] Wheezy Stable Release Key <debian-release@lists.debian.org>
/etc/apt/trusted.gpg.d/rabbit.gpg
---------------------------------
pub rsa4096 2016-05-17 [SC]
0A9A F211 5F46 87BD 2980 3A20 6B73 A36E 6026 DFCA
uid [ unknown] RabbitMQ Release Signing Key <info@rabbitmq.com>
sub rsa4096 2016-05-17 [E]
You can update the package index.
$ sudo apt-get update
Ign:1 http://ftp.task.gda.pl/debian stretch InRelease Hit:2 http://ftp.task.gda.pl/debian stretch-updates InRelease Hit:3 http://security.debian.org/debian-security stretch/updates InRelease Hit:4 http://ftp.task.gda.pl/debian stretch Release Ign:5 https://dl.bintray.com/rabbitmq/debian stretch InRelease Hit:7 https://dl.bintray.com/rabbitmq/debian stretch Release Reading package lists... Done
Common issues
The key in the keyring is ignored as the file is not readable by user _apt
Update GPG key public ring file permissions to 644 if you see the following error.
$ apt-get update
Ign:1 http://ftp.task.gda.pl/debian stretch InRelease Hit:2 http://ftp.task.gda.pl/debian stretch-updates InRelease Hit:3 http://security.debian.org/debian-security stretch/updates InRelease Hit:4 http://ftp.task.gda.pl/debian stretch Release Ign:5 https://dl.bintray.com/rabbitmq/debian stretch InRelease Get:6 https://dl.bintray.com/rabbitmq/debian stretch Release [54.1 kB] Get:7 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg [821 B] Ign:7 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg Hit:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Ign:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Get:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages [709 B] Hit:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages Fetched 54.9 kB in 1s (48.8 kB/s) Reading package lists... Done W: http://ftp.task.gda.pl/debian/dists/stretch-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/rabbit.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://security.debian.org/debian-security/dists/stretch/updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/rabbit.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://ftp.task.gda.pl/debian/dists/stretch/Release.gpg: The key(s) in the keyring /etc/apt/trusted.gpg.d/rabbit.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: https://dl.bintray.com/rabbitmq/debian/dists/stretch/Release.gpg: The key(s) in the keyring /etc/apt/trusted.gpg.d/rabbit.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: GPG error: https://dl.bintray.com/rabbitmq/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B73A36E6026DFCA W: The repository 'https://dl.bintray.com/rabbitmq/debian stretch Release' is not signed. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details.
The key in the keyring is not recognized
You need to use GPG key public ring file, not the GPG keybox database. That is why I prefix keyring with a gnupg-ring: scheme.
$ apt-get update
Ign:1 http://ftp.task.gda.pl/debian stretch InRelease Hit:2 http://ftp.task.gda.pl/debian stretch-updates InRelease Hit:3 http://security.debian.org/debian-security stretch/updates InRelease Hit:4 http://ftp.task.gda.pl/debian stretch Release Ign:5 https://dl.bintray.com/rabbitmq/debian stretch InRelease Get:7 https://dl.bintray.com/rabbitmq/debian stretch Release [54.1 kB] Get:8 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg [821 B] Ign:8 https://dl.bintray.com/rabbitmq/debian stretch Release.gpg Get:9 https://dl.bintray.com/rabbitmq/debian stretch/main amd64 Packages [867 B] Fetched 55.8 kB in 2s (24.8 kB/s) Reading package lists... Done W: GPG error: https://dl.bintray.com/rabbitmq/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B73A36E6026DFCA W: The repository 'https://dl.bintray.com/rabbitmq/debian stretch Release' is not signed. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details.
The following file will not be used.
$ file /etc/apt/trusted.gpg.d/rabbit.gpg
rabbit.gpg: GPG keybox database version 1, created-at Thu Jan 25 186:41:01 2018, last-maintained Thu Jan 25 16:41:01 2018
The following file will be used.
$ file /etc/apt/trusted.gpg.d/rabbit.gpg
rabbit.gpg: GPG key public ring, created Tue May 17 09:09:50 2016
Additional notes
Please read Secure APT documentation.
apt-key is a shell script, so you can inspect and debug it to learn how it works.
Many other keyservers can be used to get the public key like keyserver.ubuntu.org, pgp.mit.edu and a pool keys.gnupg.net.
$ host keys.gnupg.net
keys.gnupg.net is an alias for hkps.pool.sks-keyservers.net. hkps.pool.sks-keyservers.net has address 193.224.163.43 hkps.pool.sks-keyservers.net has address 216.66.15.2 hkps.pool.sks-keyservers.net has address 18.9.60.141 hkps.pool.sks-keyservers.net has address 192.94.109.73 hkps.pool.sks-keyservers.net has address 37.191.226.104 hkps.pool.sks-keyservers.net has address 51.15.0.17 hkps.pool.sks-keyservers.net has address 193.164.133.100 hkps.pool.sks-keyservers.net has address 176.9.147.41 hkps.pool.sks-keyservers.net has IPv6 address 2606:1c00:2802::b hkps.pool.sks-keyservers.net has IPv6 address 2a02:c205:3001:3626::1 hkps.pool.sks-keyservers.net has IPv6 address 2001:bc8:214f:200::1 hkps.pool.sks-keyservers.net has IPv6 address 2001:470:1:116::6 hkps.pool.sks-keyservers.net has IPv6 address 2001:738:0:600:216:3eff:fe02:42