Withdrawal of service: keys2.flanga.io & keys3.flanga.io

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Withdrawal of service: keys2.flanga.io & keys3.flanga.io

Moritz Wirth-2
Hi,

keys2.flanga.io and keys3.flanga.io will cease operation immediately,
given the latest problems.

keys.flanga.io will remain online as long as it runs stable and the
required disk space does not exceed my limits (database capacity has
almost tripled when switching to hockeypuck and is now about 37GB...)
and the bandwith consumption stays on a resonable level - I almost spent
a terabyte only for peering with other servers and I don't think it's
reasonable for a few hundred keys per day...

All peers are asked to remove keys2.flanga.io from their peering list
(or replace it with keys.flanga.io) - keys3.flanga.io was never actively
peered. FYI, Peers for keys.flanga.io are not listed on the
sks-keyservers pages anymore.

Best Regards,

Moritz



_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of service: keys2.flanga.io & keys3.flanga.io

Fabian A. Santiago
On 2018-07-17 08:17 AM, Moritz Wirth wrote:

> Hi,
>
> keys2.flanga.io and keys3.flanga.io will cease operation immediately,
> given the latest problems.
>
> keys.flanga.io will remain online as long as it runs stable and the
> required disk space does not exceed my limits (database capacity has
> almost tripled when switching to hockeypuck and is now about 37GB...)
> and the bandwith consumption stays on a resonable level - I almost
> spent
> a terabyte only for peering with other servers and I don't think it's
> reasonable for a few hundred keys per day...
>
> All peers are asked to remove keys2.flanga.io from their peering list
> (or replace it with keys.flanga.io) - keys3.flanga.io was never
> actively
> peered. FYI, Peers for keys.flanga.io are not listed on the
> sks-keyservers pages anymore.
>
> Best Regards,
>
> Moritz
>
>
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/sks-devel
it really irks me that it has to come to this with so many keyservers
dropping offline. sad to see you go. thanks. i wish i was a developer so
i could help this community along more substantially than just simply
running a keyserver myself. such is life...

--
Fabian S.

OpenPGP:

0x643082042DC83E6D94B86C405E3DAA18A1C22D8F (new key)

***

0x3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC (to be retired, still valid)

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (853 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of service: keys2.flanga.io & keys3.flanga.io

Martin Dobrev
In reply to this post by Moritz Wirth-2
It's sad to see you going. I've removed the servers from my membership
file yet I see that you've removed keyserver.dobrev.eu from your list
too. Is there a particular reason for that or you were just attempting
to protect yourself during the attack?



On 17/07/18 13:17, Moritz Wirth wrote:

> Hi,
>
> keys2.flanga.io and keys3.flanga.io will cease operation immediately,
> given the latest problems.
>
> keys.flanga.io will remain online as long as it runs stable and the
> required disk space does not exceed my limits (database capacity has
> almost tripled when switching to hockeypuck and is now about 37GB...)
> and the bandwith consumption stays on a resonable level - I almost spent
> a terabyte only for peering with other servers and I don't think it's
> reasonable for a few hundred keys per day...
>
> All peers are asked to remove keys2.flanga.io from their peering list
> (or replace it with keys.flanga.io) - keys3.flanga.io was never actively
> peered. FYI, Peers for keys.flanga.io are not listed on the
> sks-keyservers pages anymore.
>
> Best Regards,
>
> Moritz
>
>
>
> _______________________________________________
> Sks-devel mailing list
> [hidden email]
> https://lists.nongnu.org/mailman/listinfo/sks-devel

_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

pEpkey.asc (2K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Withdrawal of service: keys2.flanga.io & keys3.flanga.io

Moritz Wirth-2
Hi Martin, 

are you talking about keys.flanga.io or keys2.flanga.io? keys.flanga.io
does still peer, however sks-keyservers does not recognize the peers due
to different structures of the /pks/lookup?op=stats&options=mr file -
this should not affect the peering itself and keyserver.dobrev.eu is
still listed in my peering file (and it looks like peering works:
time="2018-07-19T15:00:04UTC" level=debug msg="hashquery response from
\"keyserver.dobrev.eu:11371\": 8 keys found") . keys2.flanga.io has been
disabled so it does not peer anymore ;)

The main reason for disabling keys2.flanga.io and keys3.flanga.io was
the heavy resource consumption - one point was traffic (thanks to the
amount of keys with 30MB+) and the other one was the CPU utilization of
the database. I monitored the uptime of the sks webserver every 30
seconds and it crashed every 2-5 minutes. While I am happy to contribute
to this project, I don't see a reason in operating something that only
works 60% of the time.

I would rather consider the recent "attacks" as severe bugs than attacks
(though handling these bugs has miserably failed) and the recent patches
are only a drop in the ocean. Let's be honest, SKS is not maintained and
it probably never will, and it's simply frustrating running a keyserver
that never will work as expected.

However, keys.flanga.io will probably continue operation with Hockeypuck
- though it has its own bugs, it's way faster and reliable than SKS.

Best Regards,

Moritz


Am 19.07.18 um 16:52 schrieb Martin Dobrev:

> It's sad to see you going. I've removed the servers from my membership
> file yet I see that you've removed keyserver.dobrev.eu from your list
> too. Is there a particular reason for that or you were just attempting
> to protect yourself during the attack?
>
>
>
> On 17/07/18 13:17, Moritz Wirth wrote:
>> Hi,
>>
>> keys2.flanga.io and keys3.flanga.io will cease operation immediately,
>> given the latest problems.
>>
>> keys.flanga.io will remain online as long as it runs stable and the
>> required disk space does not exceed my limits (database capacity has
>> almost tripled when switching to hockeypuck and is now about 37GB...)
>> and the bandwith consumption stays on a resonable level - I almost spent
>> a terabyte only for peering with other servers and I don't think it's
>> reasonable for a few hundred keys per day...
>>
>> All peers are asked to remove keys2.flanga.io from their peering list
>> (or replace it with keys.flanga.io) - keys3.flanga.io was never actively
>> peered. FYI, Peers for keys.flanga.io are not listed on the
>> sks-keyservers pages anymore.
>>
>> Best Regards,
>>
>> Moritz
>>
>>
>>
>> _______________________________________________
>> Sks-devel mailing list
>> [hidden email]
>> https://lists.nongnu.org/mailman/listinfo/sks-devel


_______________________________________________
Sks-devel mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/sks-devel

signature.asc (876 bytes) Download Attachment