#990686 dirmngr: any keyserver operations fail because of dirmngr using Tor

Package:
dirmngr
Source:
gnupg2
Description:
GNU privacy guard - network certificate management service
Submitter:
Christoph Anton Mitterer
Date:
2021-07-04 18:15:04 UTC
Severity:
normal
#990686#5
Date:
2021-07-04 18:07:21 UTC
From:
To:
Hi.

It seesm with a default configuration of gnupg (and Tor) any keyserver operations
like --refresh-keys --search-keys --recv-keys fail with errors like:
gpg: keyserver refresh failed: Permission denied

Debug mode shows dirmngr is the reason:
gpg: DBG: chan_3 <- ERR 167804929 Permission denied <Dirmngr>
gpg: keyserver refresh failed: Permission denied


and it seems to turn out that this uses Tor by default and apparently in an improper
manner:
Tor[2100]: Your application (using socks5 to port 53) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://2019.www.torproject.org/docs/faq.html.en#WarningsAboutSOCKSandDNSInformationLeaks. Rejecting.


Not sure whether it would be a good workaround to simply disable tor per default.
Can't dirmngr switch to sock 4a?


Thanks,
Chris.