Strange case

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Strange case

Paul Fontela

Hello everyone,
I just saw that one of my sks servers is out of the list at https://sks-keyservers.net/status/, the server is:
a.0.keysnode.ispfontela.es

I have reviewed the logs, both the recon.log and the nginx / access.log I have seen something that I do not understand.

Until the day 04-24-2018 these lines appeared: (nginx/access.log)
2018-04-27T21: 25: 22 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200 8989 "-" "-"
2018-04-27T21: 26: 21 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200 16839 "-" "-"

from that day I see that they are: 
(nginx/access.log)

2018-05-19T20: 44: 10 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T20: 46: 08 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T20: 47: 10 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T20: 47: 38 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 02: 18 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 03: 01 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 04: 14 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 04: 53 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 05: 14 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 06: 18 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 09: 02 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 11: 05 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 12: 09 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 13: 13 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 14: 15 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"
2018-05-19T21: 15: 03 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301 556 "-" "-"


This server has always worked fine and suddenly disappeared from the list although I see that it continues to synchronize keys with other servers.

2018-05-19 21:16:53 Requesting 2 missing keys from 18.195.89.235:11371 , starting with 17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:16:54 2 keys received
2018-05-19 21:17:38     2 hashes recovered from 2600:1f16:940:9410:e6da:7ef6:f698:d529:11371
2018-05-19 21:17:38     17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:17:38     51633AA0A087DBA222319105C79CFA78
2018-05-19 21:17:40 Requesting 2 missing keys from 2600:1f16:940:9410:e6da:7ef6:f698:d529:11371 , starting with 17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:17:40 2 keys received
2018-05-19 21:18:39     2 hashes recovered from 2600:1f14:90:3500:96f4:b3df:bcc1:2e0e:11371
2018-05-19 21:18:39     17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:18:39     51633AA0A087DBA222319105C79CFA78
2018-05-19 21:18:39 Requesting 2 missing keys from 2600:1f14:90:3500:96f4:b3df:bcc1:2e0e:11371 , starting with 17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:18:40 2 keys received
2018-05-19 21:19:39     2 hashes recovered from 85.152.24.136:11371
2018-05-19 21:19:39     17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:19:39     51633AA0A087DBA222319105C79CFA78
2018-05-19 21:19:40 Requesting 2 missing keys from 85.152.24.136:11371 , starting with 17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:19:41 2 keys received
2018-05-19 21:20:42 <recon as client> error in callback.: Sys_error("Connection reset by peer")
2018-05-19 21:21:45     4 hashes recovered from 2600:1f18:4680:a400:30cc:39a9:a3ff:ec65:11371
2018-05-19 21:21:45     17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:21:45     241536681B64B79AD2DF58C69DEA1C77
2018-05-19 21:21:45     3C55EE1D9642CEF743E18143C6E28A3C
2018-05-19 21:21:45     51633AA0A087DBA222319105C79CFA78
2018-05-19 21:21:45 Requesting 4 missing keys from 2600:1f18:4680:a400:30cc:39a9:a3ff:ec65:11371 , starting with 17AC96D9071BCEBACB5DF615539D8C2C
2018-05-19 21:21:45 4 keys received
2018-05-19 21:21:45 Added 3 hash-updates. Caught up to 1526757705.698082




I apologize for this lengthy message.

What could have happened?


A greeting
Paul Fontela

-- 

Paul Fontela
keyserver.ispfontela.es 	11370	# Paul Fontela [hidden email] 0x31743FFC33E746C5
a.0.keysnode.ispfontela.es	11370	# Paul Fontela Gmail [hidden email] 0x3D7FCDA03AAD46F1

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

brent s.
On 05/19/2018 03:26 PM, Paul Fontela wrote:

> Hello everyone,
> I just saw that one of my sks servers is out of the list at
> https://sks-keyservers.net/status/, the server is:
> a.0.keysnode.ispfontela.es
>
> I have reviewed the logs, both the recon.log and the nginx / access.log
> I have seen something that I do not understand.
>
> Until the day 04-24-2018 these lines appeared: (nginx/access.log)
> 2018-04-27T21: 25: 22 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200
> 8989 "-" "-"
> 2018-04-27T21: 26: 21 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200
> 16839 "-" "-"
>
> from that day I see that they are:  (nginx/access.log)
>
> 2018-05-19T20: 44: 10 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301
> 556 "-" "-"
(SNIP)
>
>
>
>
> I apologize for this lengthy message.
>
> What could have happened?
>

A 301 means it was redirected to another URL.

I recommend you enable debug logging in your Nginx to determine where,
exactly, it's redirecting to and why. Warning- it will give you a LOT of
information to sift through, so sit down with a cup of tea and take your
time reading it.

To enable debug logging in Nginx (just a note that not all
distributions' Nginx package build support for it, in which case they
usually offer a separate package that has support for it), change your
error log line from:

  error_log /some/path/to/error/log;

to:

error_log /some/path/to/error/log debug;

And reload Nginx. Look for matches to that URL path and the subsequent
301 request. This feels like an Nginx configuration issue.

--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info


_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (915 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

Paul Fontela
Hi,
Thanks Brent, I have solved the first part of the matter.

It was a redirection http to https that had installed letsencrypt, I
have removed it and now the nginx log is well visible.
2018-05-20T01: 22: 38 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200
2585 "

Now we just need to find out why the server a.0.keysnode.ispfontela.es
on the list https://sks-keyservers.net/status/ has disappeared, I guess
that will be a matter of time.

Thank you very much.
a greeting
Paul Fontela





El 2018-05-20 00:57, brent s. escribió:

> On 05/19/2018 03:26 PM, Paul Fontela wrote:
>> Hello everyone,
>> I just saw that one of my sks servers is out of the list at
>> https://sks-keyservers.net/status/, the server is:
>> a.0.keysnode.ispfontela.es
>>
>> I have reviewed the logs, both the recon.log and the nginx /
>> access.log
>> I have seen something that I do not understand.
>>
>> Until the day 04-24-2018 these lines appeared: (nginx/access.log)
>> 2018-04-27T21: 25: 22 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200
>> 8989 "-" "-"
>> 2018-04-27T21: 26: 21 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 200
>> 16839 "-" "-"
>>
>> from that day I see that they are:  (nginx/access.log)
>>
>> 2018-05-19T20: 44: 10 + 02: 00 "POST / pks / hashquery HTTP / 1.0" 301
>> 556 "-" "-"
> (SNIP)
>>
>>
>>
>>
>> I apologize for this lengthy message.
>>
>> What could have happened?
>>
>
> A 301 means it was redirected to another URL.
>
> I recommend you enable debug logging in your Nginx to determine where,
> exactly, it's redirecting to and why. Warning- it will give you a LOT
> of
> information to sift through, so sit down with a cup of tea and take
> your
> time reading it.
>
> To enable debug logging in Nginx (just a note that not all
> distributions' Nginx package build support for it, in which case they
> usually offer a separate package that has support for it), change your
> error log line from:
>
>   error_log /some/path/to/error/log;
>
> to:
>
> error_log /some/path/to/error/log debug;
>
> And reload Nginx. Look for matches to that URL path and the subsequent
> 301 request. This feels like an Nginx configuration issue.
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/sks-devel

--
keyserver.ispfontela.es 11370 # Paul Fontela <[hidden email]>
0x31743FFC33E746C5

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

Kristian Fiskerstrand-6
On 05/20/2018 01:31 AM, Webmaster IspFontela wrote:
>
> Now we just need to find out why the server a.0.keysnode.ispfontela.es
> on the list https://sks-keyservers.net/status/ has disappeared, I guess
> that will be a matter of time.

This server I explicitly added to blacklist for misbehaving with
redirect for 11371 to 443

--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Divide et impera
Divide and govern

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

Kristian Fiskerstrand-6
On 05/20/2018 10:14 PM, Kristian Fiskerstrand wrote:
> On 05/20/2018 01:31 AM, Webmaster IspFontela wrote:
>>
>> Now we just need to find out why the server a.0.keysnode.ispfontela.es
>> on the list https://sks-keyservers.net/status/ has disappeared, I guess
>> that will be a matter of time.
>
> This server I explicitly added to blacklist for misbehaving with
> redirect for 11371 to 443
>

fwiw, I didn't add it to repo initially, but it is part of
https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=commitdiff;h=0a3962f591d2206aebd739bd4bec90809cc93822;hp=debbac15b210f4b9ced2235a8d3f0da1d3c4f144

--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"Don't be afraid to go out on a limb. That's where the fruit is."
(H. Jackson Browne)

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

Paul Fontela



El 20/05/2018 a las 22:46, Kristian Fiskerstrand escribió:
On 05/20/2018 10:14 PM, Kristian Fiskerstrand wrote:
On 05/20/2018 01:31 AM, Webmaster IspFontela wrote:
Now we just need to find out why the server a.0.keysnode.ispfontela.es
on the list https://sks-keyservers.net/status/ has disappeared, I guess
that will be a matter of time.
This server I explicitly added to blacklist for misbehaving with
redirect for 11371 to 443

fwiw, I didn't add it to repo initially, but it is part of
https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=commitdiff;h=0a3962f591d2206aebd739bd4bec90809cc93822;hp=debbac15b210f4b9ced2235a8d3f0da1d3c4f144

Hello people,
Kristian thanks for the reply.
I do not understand what has happened, apart from finding some lines added by Certbot (leysencrypt) in nginx.conf, no change has been made to that server since the beginning of its implementation.
What can I do to solve it?
Does that problem affect the rest of the pool?

That server runs only nginx and sks, there are no other services that can affect sks.

The strangest thing is that it keeps synchronizing with other servers, I see it in recon.log and the error "POST / pks / hashquery HTTP / 1.0" 301 "no longer appears.

If you think it is not worth fixing it and removing this server from the pool, I will withdraw it and save the cost of hosting and maintenance and also remove a problem from my head that I already have more than enough.

I modified the nginx configuration file (/etc/nginx/nginx.conf) a bit to try to solve the problem, I do not know what else I can do, if someone is encouraged to help me I will appreciate it since it is a pity to leave this server outside the pool.


sincerely
Paul Fontela





-- 

Paul Fontela
keyserver.ispfontela.es 	11370	# Paul Fontela [hidden email] 0x31743FFC33E746C5
a.0.keysnode.ispfontela.es	11370	# Paul Fontela Gmail [hidden email] 0x3D7FCDA03AAD46F1

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Strange case

Moritz Wirth-2
Letsencrypt probably forwards port 80/port 11371 to 443, you can solve that if you add another server section for port 11371 (and port 80) where you handle the requests. 

Traffic on port 11371 should remain unencrypted so rewriting it to https is not allowed

Sent from my iPhone

Am 21.05.2018 um 15:45 schrieb Paul Fontela <[hidden email]>:



El 20/05/2018 a las 22:46, Kristian Fiskerstrand escribió:
On 05/20/2018 10:14 PM, Kristian Fiskerstrand wrote:
On 05/20/2018 01:31 AM, Webmaster IspFontela wrote:
Now we just need to find out why the server a.0.keysnode.ispfontela.es
on the list https://sks-keyservers.net/status/ has disappeared, I guess
that will be a matter of time.
This server I explicitly added to blacklist for misbehaving with
redirect for 11371 to 443

fwiw, I didn't add it to repo initially, but it is part of
https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=commitdiff;h=0a3962f591d2206aebd739bd4bec90809cc93822;hp=debbac15b210f4b9ced2235a8d3f0da1d3c4f144

Hello people,
Kristian thanks for the reply.
I do not understand what has happened, apart from finding some lines added by Certbot (leysencrypt) in nginx.conf, no change has been made to that server since the beginning of its implementation.
What can I do to solve it?
Does that problem affect the rest of the pool?

That server runs only nginx and sks, there are no other services that can affect sks.

The strangest thing is that it keeps synchronizing with other servers, I see it in recon.log and the error "POST / pks / hashquery HTTP / 1.0" 301 "no longer appears.

If you think it is not worth fixing it and removing this server from the pool, I will withdraw it and save the cost of hosting and maintenance and also remove a problem from my head that I already have more than enough.

I modified the nginx configuration file (/etc/nginx/nginx.conf) a bit to try to solve the problem, I do not know what else I can do, if someone is encouraged to help me I will appreciate it since it is a pity to leave this server outside the pool.


sincerely
Paul Fontela





-- 

Paul Fontela
keyserver.ispfontela.es 	11370	# Paul Fontela [hidden email] 0x31743FFC33E746C5
a.0.keysnode.ispfontela.es	11370	# Paul Fontela Gmail [hidden email] 0x3D7FCDA03AAD46F1
_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel