Keyserver

From NoName e.V.

Originally found here and copied to ensure it doesn’t vanish: http://www.rainydayz.org/node/10

I've been trying to install a PGP keyserver for some time, then found sks. It's in the Ubuntu repositories, so actually installing it is a breeze:

# sudo apt-get install sks

However, configuring it is a little more complicated. Here are the steps I took:

  • Open a terminal window
  • Create the database to store the keys
# sudo sks build
  • Start sks, then close it with Ctrl-C, to ensure that all files it requires are created correctly
# sudo sks db
  • Set database permissions on the database used by sks to store keys
# sudo chown -Rc debian-sks:debian-sks /var/lib/sks/DB
  • To start the server automatically, set initstart=yes in /etc/default/sks
  • Edit /etc/init.d/sks to automatically create the /var/run/sks directory on startup. At (approx) line 71 (after the check for /etc/default/sks & before 'echo -n "sksdb.."') add:
mkdir -p `dirname "$SKSDBPID"`
chown debian-sks `dirname "$SKSDBPID"`
  • The log archive script which is run daily from cron assumes that sks is using db4.1. Under Ubuntu the database used is db4.6. In /etc/cron.daily/sks change db4.1_archive to db4.6_archive.

The keyserver can now be started:

# sudo /etc/init.d/sks start

It listens on port 11371, and can be used with the encryption tools provided by Ubuntu, Thunderbird & Evolution.

Now, to configure the web-interface, I had to find two files which weren't included in the distribution. These are:

  • index.html : main keyserver web-page
  • keys.jpg : image displayed on the keyserver web-page

You can download an archive containing these files from here to your machine. To install the files:

  • Extract the archive
# tar xvjf sks_www.tar.bz2
  • Edit index.html and change the three references to your.site.name (currently at lines 20, 36 & 62) to the URL of your keyserver (in my case keyserver.rainydayz.org)
  • Make a directory for the files where the keyserver will look for them
# sudo mkdir /var/lib/sks/www
  • Copy the files
# sudo cp index.html /var/lib/sks/www/
# sudo cp keys.jpg /var/lib/sks/www/
  • Change permissions on the files
# sudo chown -R debian-sks:debian-sks /var/lib/sks/www

You should now be able to browse to your server on port 11371 and search for, upload & download keys. As an example, my keyserver can be found at http://keyserver.rainydayz.org:11371
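
The configuration steps above can be checked after the fact with a small audit script. This is an added example, not part of the original post or of the sks package: the function names and the optional ROOT prefix (for auditing a copy of the tree) are assumptions, while the paths, the debian-sks owner and the expected settings are the ones given in the steps.

```shell
#!/bin/sh
# Added example: audit an sks install against the steps on this page.
# ROOT (first argument) is an assumed prefix so a copy of the tree can be
# checked; leave it empty to audit the live system.

# initstart=yes must be set in /etc/default/sks.
check_initstart() {
    grep -Eq '^[[:space:]]*initstart=yes[[:space:]]*$' "$1/etc/default/sks"
}

# The daily cron job must call db4.6_archive and no longer db4.1_archive.
check_cron_archive() {
    f="$1/etc/cron.daily/sks"
    grep -q 'db4\.6_archive' "$f" && ! grep -q 'db4\.1_archive' "$f"
}

# The init script must create the PID directory before starting sksdb.
check_rundir_patch() {
    grep -Fq 'mkdir -p `dirname "$SKSDBPID"`' "$1/etc/init.d/sks"
}

# Every file under DIR must belong to OWNER (user name or numeric uid).
# A missing directory or an unknown owner counts as a failure.
check_owner() {
    [ -d "$1" ] || return 1
    out=$(find "$1" ! -user "$2" -print 2>/dev/null) || return 1
    [ -z "$out" ]
}

# Run all checks, print one line per result, return the number of failures.
# Paths containing spaces are not supported by this simple loop.
sks_audit() {
    root="${1:-}"; owner="${2:-debian-sks}"; fails=0
    for c in "check_initstart $root" "check_cron_archive $root" \
             "check_rundir_patch $root" \
             "check_owner $root/var/lib/sks/DB $owner" \
             "check_owner $root/var/lib/sks/www $owner"; do
        if $c; then echo "ok   $c"; else echo "FAIL $c"; fails=$((fails + 1)); fi
    done
    return "$fails"
}
# Usage on the server, as root:  sks_audit
```

A non-zero exit status is the number of steps that still need attention; files under /var/lib/sks that are not owned by debian-sks are the usual reason the daemon fails to start after a manual `sudo sks build`.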