Opened 6 years ago
Closed 6 years ago
#17611 closed defect (wontfix)
natdnshostresolver breaks gpg key importing
| Reported by: | lfmeloman | Owned by: | |
|---|---|---|---|
| Component: | network/NAT | Version: | VirtualBox 5.2.8 |
| Keywords: | Cc: | ||
| Guest type: | Linux | Host type: | Windows |
Description
The initial need was to resolve on a Linux guest the host's /etc/hosts entries and also to resolve both LAN and VPN addresses when VPN is established on host.
I made the following preferences:
VBoxManage modifyvm "vmname" --natdnspassdomain1 on
VBoxManage modifyvm "vmname" --natdnsproxy1 off
VBoxManage modifyvm "vmname" --natdnshostresolver1 on
Eventually I needed to verify a coreutils tarball signature and I ran:
[il@arch ~]$ gpg --keyserver keys.gnupg.net --recv-keys DF6FD971306037D9
gpg: keyserver receive failed: Server indicated a failure
No communication was made with keys.gnupg.net, but there was a suspicious DNS talk:
[root@arch il]# sudo tcpdump -i enp0s8 -nn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s8, link-type EN10MB (Ethernet), capture size 262144 bytes
10:27:54.382547 IP 10.0.3.15.10799 > 10.0.3.3.53: 55424+ SRV? _pgpkey-https._tcp.hkps.pool.sks-keyservers.net. (65)
10:27:54.383019 IP 10.0.3.3.53 > 10.0.3.15.10799: 55424 NotImp 0/0/0 (65)
10:27:54.383077 IP 10.0.3.15.10799 > 10.0.3.3.53: 28762+ Type0 (Class 8448)? _pgpkey-https._tcp.hkps.pool.sks-keyservers.net. (66)
10:27:54.383396 IP 10.0.3.3.53 > 10.0.3.15.10799: 28762 NotImp 0/0/0 (66)
Temporary changing the guest's /etc/resolv.conf to a non-Vbox dns server allowed me to import the key.
Note:
See TracTickets
for help on using tickets.
Host resolver, by design, provides only a very limited functionality. It only supports forward (A/CNAME) and reverse (PTR) address resolution.