LinuxQuestions.org
05-10-2024, 04:03 AM   #1
dalacor
slackpkg update gpg command tries to ping server


I have disabled icmp on my server as I don't need to ping anything and icmp does present a small security risk.

However, I have noticed that every time I run the slackpkg update gpg command to update Slackware, it always attempts to ping the site before failing and then allows me to update Slackware.

Is there any way to disable the ping aspect of this command?
 
05-10-2024, 04:26 AM   #2
Petri Kaukasoina
Quote:
Originally Posted by dalacor
I have disabled icmp on my server as I don't need to ping anything and icmp does present a small security risk.

What security risk? There will be a risk of networking problems if you have disabled destination unreachable or fragmentation needed ICMP packets.

Quote:
Originally Posted by dalacor
I have noticed that every time I run the slackpkg update gpg command to update Slackware...

What do you mean by 'every time'? When you run slackpkg for the first time ever, it will download and install the gpg key automatically. You should not install it ever again.

Quote:
Is there any way to disable the ping aspect of this command?

It's in /usr/libexec/slackpkg/core-functions.sh. Look for function get_gpg_key. Change the first line
Code:
        if ping -c 1 www.slackware.com &>/dev/null; then
to
Code:
        if true; then
 
05-10-2024, 06:08 AM   #3
GazL
Some sites do have a policy of blocking icmp echo which could prevent what would have otherwise been a successful download from even being attempted.

Seems both overcomplicated and redundant. Why not just run:
gpg --fetch-keys "https://www.slackware.com/infra/keys/GPG-KEY"

... and then check the return value.
 
05-11-2024, 05:12 AM   #4
dalacor
I didn't realise that you only needed to run slackpkg update gpg once only. I just assumed that the key got updated periodically. If I don't need to run this command every time I update Slackware, then I am not worried about the ping issue - if this will only occur when I install Slackware for the first time.

My current upgrade instructions are as follows:

Quote:
slackpkg update gpg
slackpkg update
slackpkg upgrade slackpkg
Then check mirrors and blacklist file as above as this will be reset.
slackpkg new-config

slackpkg update gpg
slackpkg update
slackpkg upgrade aaa_glibc-solibs

Reboot after this step, to make sure that everything after this is upgraded using the new aaa_glibc-solibs libraries. Then run update gpg and update again and then install-new

slackpkg install-new (You need to install new packages when upgrading existing packages if you are running Slackware current because sometimes upgraded packages on current need software)

slackpkg upgrade-all
Select O to overwrite all old files with new files. Slackware does show what files have been updated.

slackpkg clean-system

Then reboot Slackware.

I have always followed this religiously ever since I borked the system by not rebooting after updating aaa_glibc-solibs libraries. Once I have done all that, I then run the procedure again, but with the kernel updates allowed in the blacklist file to update kernel itself.

Why block/restrict icmp, dns and ntp connections?

https://www.paloaltonetworks.co.uk/c...-dns-tunneling

https://blogs.blackberry.com/en/2023...and-prevention

https://www.blackhillsinfosec.com/dn...cobalt-strike/

The above explain how dns can be abused by bad actors. Somewhere I saw similar articles for using ntp port 123 being abused by bad actors.
ICMP can technically be abused by bad actors as well. For me, the key thing is that I don't use ping for anything. The only thing that is blocked in the firewall is the ping for slackware update hence the question. Given that there are real world examples of abuse of dns and ntp open ports, it doesn't make any sense to open icmp ports if I don't even use icmp.

However, I will mark the question as solved because if I only have to run gpg update once when installing Slackware, then it's not an issue.
 
05-11-2024, 05:28 AM   #5
Petri Kaukasoina
Yes, the Slackware Linux Project gpg key was created 2003-02-26 and it will expire 2038-01-19. There is no need to reinstall it before expiration.

About ICMP. It's not about you not wanting to use the ping command but ICMP is needed for the networking to operate. See, for example https://en.wikipedia.org/wiki/Path_MTU_Discovery.
 
05-13-2024, 08:30 AM   #6
dalacor
Thank you. I have updated my documentation to reflect that the key will only need to be updated in 2038 so only needs to be installed once when you install Slackware and run for the first time.

I don't know if the reason that I don't see the message is because it's considered part of an established session, but I don't see any dropped connections relating to icmp. However, it could just be because the server in question only accesses around a dozen or so websites mainly for updates. The only and single error message is the gpg update issue.

I will look into the Path MTU Discovery issue. The initial search results indicate that this is more likely to be a problem with older technology and software. But I will research it properly when I have more time. However as I don't see any error messages in the firewall logs, I am not sure that this is an issue for this server.
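
A way to check the point left open at the end of the thread, namely whether the ICMP block is dropping error messages such as "fragmentation needed" and not only echo requests. This is an added example, not part of the thread or of slackpkg; it assumes drops are logged in the Linux netfilter LOG format, and the function names and sample lines are constructed.

```shell
#!/bin/sh
# Added example. Assumes drops are logged in the Linux netfilter LOG format
# (PROTO=ICMP TYPE=n CODE=n, with the quoted inner packet in [ ... ]).

# Reads log lines on stdin and prints one summary line:
#   echo=N pmtud=N error=N other=N
classify_icmp_drops() {
    awk '
    /PROTO=ICMP/ {
        type = ""; code = ""
        for (i = 1; i <= NF; i++) {
            # "[" opens the packet quoted inside an ICMP error; the TYPE= and
            # CODE= fields of that inner packet must not replace the outer ones.
            if ($i ~ /^\[/) break
            if ($i ~ /^TYPE=/) type = substr($i, 6)
            if ($i ~ /^CODE=/) code = substr($i, 6)
        }
        if (type == "") next                          # no outer ICMP header
        if (type == "8") n_echo++                     # echo request (ping)
        else if (type == "3" && code == "4") n_pmtud++  # fragmentation needed
        else if (type == "3" || type == "11" || type == "12") n_err++
        else n_other++
    }
    END {
        printf "echo=%d pmtud=%d error=%d other=%d\n",
               n_echo, n_pmtud, n_err, n_other
    }
    '
}

# Constructed sample lines using documentation addresses, not real logs.
sample_log() {
    cat <<'EOF'
May 13 08:01:02 fw kernel: ICMP-DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=84 TTL=55 PROTO=ICMP TYPE=8 CODE=0 ID=4242 SEQ=1
May 13 08:01:09 fw kernel: ICMP-DROP IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=84 TTL=64 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
May 13 08:02:30 fw kernel: ICMP-DROP IN=eth0 OUT= SRC=198.51.100.1 DST=192.0.2.10 LEN=576 TTL=250 PROTO=ICMP TYPE=3 CODE=4 [SRC=192.0.2.10 DST=203.0.113.5 LEN=1500 TTL=63 ID=9 DF PROTO=TCP SPT=44321 DPT=443 ] MTU=1400
May 13 08:03:11 fw kernel: ICMP-DROP IN=eth0 OUT= SRC=198.51.100.1 DST=192.0.2.10 LEN=112 TTL=250 PROTO=ICMP TYPE=11 CODE=0 [SRC=192.0.2.10 DST=203.0.113.5 LEN=84 TTL=1 PROTO=ICMP TYPE=8 CODE=0 ID=5 SEQ=3 ]
May 13 08:04:00 fw kernel: TCP-DROP IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=60 TTL=50 PROTO=TCP SPT=5555 DPT=23 SYN
EOF
}

sample_log | classify_icmp_drops
```

A non-zero `pmtud` count means the firewall is discarding the messages Path MTU Discovery depends on, which is the case to exempt from the block even when echo stays dropped.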
 
  

