Access Denied for the grafana gpg key

Hi guys,

i have a problem:

# curl -v
*   Trying
* Connected to ( port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject:
*  start date: May  1 09:18:27 2023 GMT
*  expire date: Jul 30 09:18:26 2023 GMT
*  subjectAltName: host "" matched cert's ""
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55a188b582c0)
> GET /gpg.key HTTP/2
> Host:
> user-agent: curl/7.74.0
> accept: */*
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 403 
< server: Varnish
< retry-after: 0
< content-type: text/plain
< accept-ranges: bytes
< date: Mon, 26 Jun 2023 14:53:46 GMT
< via: 1.1 varnish
< x-served-by: cache-fra-eddf8230082-FRA
< x-cache: MISS
< x-cache-hits: 0
< x-timer: S1687791226.149375,VS0,VE0
< content-length: 38
* Connection #0 to host left intact
Sorry, the provided token is not valid

Get permission denied…
Debian 11

What can be wrong here ?


Hi Michael,

Please see this post as it seems you might have the same issue:

Hi Usman,

i dont have the same issue. It seems that my IP is blocked from grafana side. As you can see a simple curl or wget is not working. So it is not possible for me to download the new key.


What is your Geo location?

“city”: “Karlsruhe”,
“region”: “Baden-Wurttemberg”,
“country”: “DE”,
“loc”: “49.0111,8.3601”,
“org”: “AS197540 netcup GmbH”,
“postal”: “76185”,

So, I get the same message as you.

If I go at the link, get this message

Sorry, the requested url was not found

It’s not about the IP being blocked.

Please read the instructions at

Also, I am not sure but my feeling is that you simply want to install Grafana on a Debian.

For that you simply follow our installation guide:

OR more easier:

Let us know if this helps.

Good Morning Usaman,

i am sorry but grafana was long running on our Server. Did regualary updates etc…

I get:

monitoring ~ # mkdir -p /etc/apt/keyrings/
monitoring ~ # wget -q -O - | gpg --dearmor > /etc/apt/keyrings/grafana.gpg
gpg: no valid OpenPGP data found.
monitoring ~ # wget -v -O -
--2023-07-16 07:50:59--
Resolving (,,, ...
Connecting to (||:443... connected.
HTTP request sent, awaiting response... 403 Access Denied
2023-07-16 07:50:59 ERROR 403: Access Denied.

It is a simple 403. Access Denied. On other Hosts it is working. The Issue is only related to this Server…

Whats the problem here ?

monitoring ~ # wget
--2023-07-17 14:22:02--
Resolving (,, 2a04:4e42:4c::729, ...
Connecting to (||:443... connected.
HTTP request sent, awaiting response... 451 geofence:blocked
2023-07-17 14:22:02 ERROR 451: geofence:blocked.

Just curious to know if you are using Grafana OSS or a Enterprise version?

OSS Version. Dont understand why the IP or a Range is blocked…

The same is here

~]# curl
Sorry, the provided token is not valid

 ~]# host is an alias for has address has IPv6 address 2a04:4e42:78::729

It’s from US. Any suggestions?