ERROR: Unable to fetch GPG key from keyserver

I tried to launch lxc container. But when I give

sudo lxc-create -t download ubuntu -n web1

it shows this error

ERROR: Unable to fetch GPG key from keyserver

How to solve the issue?

Without knowing what version of Ubuntu you're using and without knowing what version of lxc-create you have, I'm just going to assume it's 20.04 and 4.0.6, respectively.

You can see here that by default it's going to look at the $DOWNLOAD_KEYSERVER environment variable and, if that's not set, by default it will use hkp://pool.sks-keyservers.net.

If you run dig pool.sks-keyservers.net you can see it's returning an NXDOMAIN status:

$ dig pool.sks-keyservers.net

; <<>> DiG 9.16.1-Ubuntu <<>> pool.sks-keyservers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39707
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;pool.sks-keyservers.net.   IN  A

;; Query time: 47 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Aug 31 20:22:44 PST 2021
;; MSG SIZE  rcvd: 52

If you go to https://sks-keyservers.net you will see a message indicating that due to repeated GDPR requests they have stopped serving the pool's DNS records. Later versions of LXC are hardcoding hkp://keyserver.ubuntu.com for this value instead.

To use that, you can do:

$ DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com" lxc-create -t download -n my-container

Or just export the variable before running the command, e.g. export DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com".