Installing a new SKS server

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

Installing a new SKS server

Kim Minh Kaplan
Hello,

I just installed sks-1.0.10.  Before trying to synchronize with others
keyservers, my understanding is that I need to import a dump.  But
where do I get this dump from?

Kim Minh.
--
http://www.kim-minh.com/


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Chris Kuethe-2
I assume that was you grabbing my latest keydump - let me know when you've
got it loaded and the name of your server, and I'll add you to my peers list.

CK

On Sun, 12 Aug 2007, Kim Minh Kaplan wrote:

> Hello,
>
> I just installed sks-1.0.10.  Before trying to synchronize with others
> keyservers, my understanding is that I need to import a dump.  But
> where do I get this dump from?
>
> Kim Minh.
> --
> http://www.kim-minh.com/
>
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> http://lists.nongnu.org/mailman/listinfo/sks-devel
>

--
Chris Kuethe, GCIA: Secure Systems Specialist - U of A AICT
      office: 157 General Services Bldg.    +1.780.492.8135
              chris.kuethe@[pyxis.cns.]ualberta.ca

     GDB has a 'break' feature; why doesn't it have 'fix' too?


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Jack Cummings
On Sun, Aug 12, 2007 at 09:05:17PM -0600, Chris Kuethe wrote:

> I assume that was you grabbing my latest keydump - let me know when you've
> got it loaded and the name of your server, and I'll add you to my peers list.
 
Monthly keydumps sound like a good use for torrents.

--Jack

--
Jack (John) Cummings                           http://mudshark.org/
PGP fingerprint: F18B 13A3 6D06 D48A 598D  42EA 3D53 BDC8 7917 F802

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

attachment0 (198 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Kim Minh Kaplan
In reply to this post by Chris Kuethe-2
On 8/13/07, Chris Kuethe <[hidden email]> wrote:
> I assume that was you grabbing my latest keydump - let me know when you've
> got it loaded and the name of your server, and I'll add you to my peers list.

Yes, thank you.  There where some errors for transferring some files
but I think I retransfered the faulty files.  May be a MD5SUM to
verify the files would be a good thing.  Anyway I am now building the
database.  When that is done my server will be
hkp://keyserver.kim-minh.com.

By the way, the reverse DNS is *not* keyserver.kim-minh.com but
sd-4214.dedibox.fr.  I hope this is not a problem for SKS.

Thank you for the dump and the peering.
--
Kim Minh.
http://www.kim-minh.com/


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

New SKS server looking for peers (was Re: Installing a new SKS server)

Kim Minh Kaplan
In reply to this post by Chris Kuethe-2
Chris Kuethe <[hidden email]> writes:

> I assume that was you grabbing my latest keydump - let me know when you've
> got it loaded and the name of your server, and I'll add you to my peers list.

Thank you Chris, my SKS server is up and running on
keyserver.kim-minh.com port 11371 for hkp and 11370 for the "sks
recon".  Should I add something to my config?  Do I have to restart
the "sks db" or "sks recon" when I change a peer?

Thank you.


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: New SKS server looking for peers (was Re: Installing a new SKS server)

Kristian Fiskerstrand-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kim Minh Kaplan wrote, On 08/13/2007 12:17 PM:

> Chris Kuethe <[hidden email]> writes:
>
>> I assume that was you grabbing my latest keydump - let me know when you've
>> got it loaded and the name of your server, and I'll add you to my peers list.
>
> Thank you Chris, my SKS server is up and running on
> keyserver.kim-minh.com port 11371 for hkp and 11370 for the "sks
> recon".  Should I add something to my config?  Do I have to restart
> the "sks db" or "sks recon" when I change a peer?
>
> Thank you.

I added it to the following SKS keyservers' membership files:
keys.kfwebs.net 11370
keys2.kfwebs.net 11370

No, you don't have to restart the daemon when changing the membership file.

- --
- ----------------------------
Kristian Fiskerstrand
[hidden email]
http://www.kfwebs.net
- ----------------------------
Veni vidi visa
I came, I saw, I bought
- ----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this, visit:
http://www.secure-my-email.com
- ----------------------------
Public PGP key 0x6B0B9508 at http://www.kfwebs.net/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (GNU/Linux)

iQIVAwUBRsBnthbgz41rC5UIAQh03g/9HFnv1JAu2XDlrpLP62BML1NadQZH/hzV
b9ww9c/wQYybIrAZ1n9G9hhq21p1PLCP2IMQisJBDbgnvgDhsTegJVNnL5CZMSdS
GO42Bq3KMYUSVpBQwLxvTMR33cU1DV6CAbla8UROazazD3TxVrkL1OOArcmOprMJ
WudUj288ArvWVP6LQbOovaE2qLUrwVqejRxofzBBYODfbpqLUgMGARA1Cqypj8Dd
TcI5kFXfgsuA621WlwvIqE6hgrjymf5EAziqxIIjl3izurBNrLedk5YYa9lYmICu
gu2QrySLWTbcN3kGKPqUqq8e3vg4ejBDZLNawTCDoOnnf8xtQOsZtNNVIbs9ziGL
k3oO9hifNchzM260y4vv6H90nuC3i5gJFfA0xH5jl4TOuKDN7ZePNnNKZJAklVFo
Tny5EQR84TnloO51Y8VjmPQHOp0i5/tS+CauDp6dYSE9jpnde+R26btCxIAQlXki
E93fx47KPbxEAvtG2CW/cwKT5OBb6v42qhwPVG3WQkQpTvCbjNKw5LfhRq7o7GQ1
52x2HL7c+D28l0ycm+aIVaozVA0lbOf9NOF7iM8VFnjUaiqR8PYhSqXwxYnwr2Tf
S58evjlq6oCQjgUt6LqqdxmeuB828Ld1QikntyElHcbP3Gc5IizR0fNbwbw6JqOa
1ksPAPi2PC4=
=UmJt
-----END PGP SIGNATURE-----


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Chris Kuethe-2
In reply to this post by Jack Cummings
On Sun, 12 Aug 2007, Jack Cummings wrote:

> On Sun, Aug 12, 2007 at 09:05:17PM -0600, Chris Kuethe wrote:
>
> > I assume that was you grabbing my latest keydump - let me know when you've
> > got it loaded and the name of your server, and I'll add you to my peers list.
>  
> Monthly keydumps sound like a good use for torrents.

Yes, though I don't mind leaving a not-too-outdated dump up at
ftp://pgp.srv.ualberta.ca/

--
Chris Kuethe, GCIA: Secure Systems Specialist - U of A AICT
      office: 157 General Services Bldg.    +1.780.492.8135
              chris.kuethe@[pyxis.cns.]ualberta.ca

     GDB has a 'break' feature; why doesn't it have 'fix' too?


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Ron Peterson
In reply to this post by Jack Cummings
2007-08-13_00:20:59-0400 Jack Cummings <[hidden email]>:
> On Sun, Aug 12, 2007 at 09:05:17PM -0600, Chris Kuethe wrote:
>
> > I assume that was you grabbing my latest keydump - let me know when you've
> > got it loaded and the name of your server, and I'll add you to my peers list.
>  
> Monthly keydumps sound like a good use for torrents.

I like that idea.  I don't mind setting one up, but I've got to get
through the end of summer crunch first.

--
Ron Peterson
Network & Systems Manager
Mount Holyoke College
http://www.mtholyoke.edu/~rpeterso


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Chris Kuethe-2
On Mon, 13 Aug 2007, Ron Peterson wrote:

> 2007-08-13_00:20:59-0400 Jack Cummings <[hidden email]>:
> > On Sun, Aug 12, 2007 at 09:05:17PM -0600, Chris Kuethe wrote:
> >
> > > I assume that was you grabbing my latest keydump - let me know when you've
> > > got it loaded and the name of your server, and I'll add you to my peers list.
> >  
> > Monthly keydumps sound like a good use for torrents.
>
> I like that idea.  I don't mind setting one up, but I've got to get
> through the end of summer crunch first.

It occurs to me that this may not work as well as one might like.
Everybody's keydump is going to be slightly different based on
what order keys were loaded, last update time, where a given update
was injected into the net ... to me that suggest that we'll have
40 servops all downloading a torrent they don't really need.

So long as the keydump is within a few thousand keys of the full
keyring, I think that's probably sufficient to bootstrap a server.
Also, how often do keydumps actually get used?

At least for users at other academic institutions, it makes sense
to have a dump available via FTP - this may suffer less a the hands
of the traffic shapers that are getting so common these days.

If others would see value in this, I'm willing to schedule a weekly
or monthly dump and leave it open for all interested parties...

CK

--
Chris Kuethe, GCIA: Secure Systems Specialist - U of A AICT
      office: 157 General Services Bldg.    +1.780.492.8135
              chris.kuethe@[pyxis.cns.]ualberta.ca

     GDB has a 'break' feature; why doesn't it have 'fix' too?


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Installing a new SKS server

Ron Peterson
2007-08-13_14:44:34-0400 Chris Kuethe <[hidden email]>:

> On Mon, 13 Aug 2007, Ron Peterson wrote:
>
> > 2007-08-13_00:20:59-0400 Jack Cummings <[hidden email]>:
> > > On Sun, Aug 12, 2007 at 09:05:17PM -0600, Chris Kuethe wrote:
> > >
> > > > I assume that was you grabbing my latest keydump - let me know when you've
> > > > got it loaded and the name of your server, and I'll add you to my peers list.
> > >  
> > > Monthly keydumps sound like a good use for torrents.
> >
> > I like that idea.  I don't mind setting one up, but I've got to get
> > through the end of summer crunch first.
>
> It occurs to me that this may not work as well as one might like.
> Everybody's keydump is going to be slightly different based on
> what order keys were loaded, last update time, where a given update
> was injected into the net ... to me that suggest that we'll have
> 40 servops all downloading a torrent they don't really need.

I'm willing to post a somewhat current keydump from time to time that
people can download if they like.  If folks want to subscribe to
multiple almost identical torrents, that's their problem, not mine... ;)

> At least for users at other academic institutions, it makes sense
> to have a dump available via FTP - this may suffer less a the hands
> of the traffic shapers that are getting so common these days.

True.  I don't think it's an either/or situation, though.  Why penalize
organizations that aren't so coercive?

> If others would see value in this, I'm willing to schedule a weekly
> or monthly dump and leave it open for all interested parties...

Let's do both!

--
Ron Peterson
Network & Systems Manager
Mount Holyoke College
http://www.mtholyoke.edu/~rpeterso


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel