Re: [Sks-devel] sks.ustclug.org move to pgp.ustc.edu.cn
FWIW, since sks.ustclug.org(Aug 2016), I run sks inside a docker container, I'm pretty sure the service runs well :) When move to pgp.ustc.edu.cn, I have a dedicated server. But I still run sks in docker, with host network. The new Dockerfile can be found at https://github.com/zhsj/dockerfile/tree/master/sks-full It bundles a web server Caddy, so the deployment is much easier :) And, I designed a new web page, if you interested, just look at https://pgp.ustc.edu.cn/ signature.asc Description: PGP signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Cease of operation: *.gnupg.pub
Hi Travis, I am pretty aware of the location of the source code as you have might noticed in my initial writing: > I have studied the code running the pools quite a bit I also have not modified any of the SKS key server code along the process. My machines always ran the original SKS key server code. The issue is with the SKS key-server website/pool decision code, which is currently hosted by Sumptuous Capital. Let me quote another thing form my initial message: > In my humble opinion the code should be made public on a decent open source > platform (e.g., GitHub) I am not sure if the little Git server thingy on that Sumptuous Capital domain qualifies. Bitbucket is a fine service by Atlassian, but let's be honest here, if you are serious about Open Source, GitHub is the place to be. Open Source requires, issue management, pull requests and above all: contributors! Unfortunately, the latter are mostly found on GitHub. Nevertheless, thank you for your response Travis, that is very much appreciated. With kind regards, Franck Nijhof > On 23 Apr 2018, at 17:43, Travis wrote: > > On 04/23/2018 10:24 AM, Franck Nijhof wrote: >> Hi there, >> >> Via this message, I am announcing the cease of operations on the servers: >> *.gnupg.pub. >> >> I have started this experiment some time ago and have enjoyed it pretty much >> and reached my goal; Getting my server in the pools most of the time, by >> getting the highest possible score (without HA). >> >> The time has also come to make some confessions. Those scores my server got, >> are not real. I have studied the code running the pools quite a bit and >> discovered quite a few flaws in it. Which I successfully exploited to get a >> higher ranking, resulting in my pretty low budget VPS to be in multiple >> pools almost all the time. I am not going to expose those flaws right here. >> Nevertheless, I do think it is pretty severe that this system is that easy >> to manipulate. Even worse; I did not even get into doing extreme things >> since that was not necessary at all. >> >> With all due respect, the code running the SKS pools and website are in a >> pretty sad state. In my humble opinion the code should be made public on a >> decent open source platform (e.g., GitHub), refactored and exposed as much >> as possible in order to gain feedback and improvements from other >> developers. While doing that, add some decent CI/CD as, including some >> static code analysis tooling. >> >> Don't worry; the data is not being exploited at all. Nor did peering with me >> had any effect on your services. That was never my intention of this little >> project. >> >> Thank you for learning me so much from GPG and the inner working of the SKS >> pools that are so important to the GnuPG community and its users. >> >> With kind regards, >> >> Franck Nijhof > > The code is available at: > > https://bitbucket.org/skskeyserver/sks-keyserver/overview > https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=summary > > It'll be great to have your contributions to help improve the project. > > Travis > signature.asc Description: Message signed with OpenPGP ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Problem with Hockeypuck server stats and pool status
And to reply to my own post, I'm also send a PR to hockeypuck, but i would like to make sure that the we are changing the right fields needed in hockeypuck: - software propose to change in sks - contact Regards Robbert On 04/23/2018 07:57 PM, Robbert Müller wrote: > Hello, > > It seems that the sks get peer data function > (https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=blob;f=sks-keyservers.net/status-srv/sks_get_peer_data.php;h=0d4e1fa51d72fc9aa4e7b81d07afa3af0075a83e;hb=HEAD#l283) > expects a certain json format from hcokeypuck servers, > > except that hockeypuck doesn't return that format. > > a formatted example: > https://gist.github.com/mjrider/364852dc39a9e7fcc635e727f524d1e6 > > expected fields: > hostname > server_contact > software > version > numkeys > > available keys: > hostname ( is the same ) > contact > -- no software -- > version > Total > > I can provide a patch, if that would be preferred > > Regards > > Robbert Müller > > > > ___ > Sks-devel mailing list > Sks-devel@nongnu.org > https://lists.nongnu.org/mailman/listinfo/sks-devel > signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Problem with Hockeypuck server stats and pool status
Hello, It seems that the sks get peer data function (https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=blob;f=sks-keyservers.net/status-srv/sks_get_peer_data.php;h=0d4e1fa51d72fc9aa4e7b81d07afa3af0075a83e;hb=HEAD#l283) expects a certain json format from hcokeypuck servers, except that hockeypuck doesn't return that format. a formatted example: https://gist.github.com/mjrider/364852dc39a9e7fcc635e727f524d1e6 expected fields: hostname server_contact software version numkeys available keys: hostname ( is the same ) contact -- no software -- version Total I can provide a patch, if that would be preferred Regards Robbert Müller signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] disk space
[Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expected send a response and request a signed confirmation] > On 22 Apr 2018, at 12:18, Shengjing Zhu wrote: > > Hi Paul, > >> On Mon, Jan 22, 2018 at 07:01:19PM +0100, Paul Fontela wrote: >> Hi All, >> >> Checked, I went from 118G in /var/lib/sks/KDB/ to 3GB after adding the >> DB_CONFIG file inside the KDB folder. >> More than 11,000 files have been deleted log.0xx. >> > > Just want to confirm your KDB directory is 3GB? I setup a new server > today, and I see it's 20GB. Possible difference is fastbuild vs normalbuild.. for fastbuild only references since dump is kept so if dump is recent enough not too many changes. > > BR, > Shengjing Zhu > ___ > Sks-devel mailing list > Sks-devel@nongnu.org > https://lists.nongnu.org/mailman/listinfo/sks-devel ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
Re: [Sks-devel] Cease of operation: *.gnupg.pub
On 04/23/2018 10:24 AM, Franck Nijhof wrote: > Hi there, > > Via this message, I am announcing the cease of operations on the servers: > *.gnupg.pub. > > I have started this experiment some time ago and have enjoyed it pretty much > and reached my goal; Getting my server in the pools most of the time, by > getting the highest possible score (without HA). > > The time has also come to make some confessions. Those scores my server got, > are not real. I have studied the code running the pools quite a bit and > discovered quite a few flaws in it. Which I successfully exploited to get a > higher ranking, resulting in my pretty low budget VPS to be in multiple pools > almost all the time. I am not going to expose those flaws right here. > Nevertheless, I do think it is pretty severe that this system is that easy to > manipulate. Even worse; I did not even get into doing extreme things since > that was not necessary at all. > > With all due respect, the code running the SKS pools and website are in a > pretty sad state. In my humble opinion the code should be made public on a > decent open source platform (e.g., GitHub), refactored and exposed as much as > possible in order to gain feedback and improvements from other developers. > While doing that, add some decent CI/CD as, including some static code > analysis tooling. > > Don't worry; the data is not being exploited at all. Nor did peering with me > had any effect on your services. That was never my intention of this little > project. > > Thank you for learning me so much from GPG and the inner working of the SKS > pools that are so important to the GnuPG community and its users. > > With kind regards, > > Franck Nijhof The code is available at: https://bitbucket.org/skskeyserver/sks-keyserver/overview https://git.sumptuouscapital.com/?p=sks-keyservers-pool.git;a=summary It'll be great to have your contributions to help improve the project. Travis signature.asc Description: OpenPGP digital signature ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Cease of operation: *.gnupg.pub
Hi there, Via this message, I am announcing the cease of operations on the servers: *.gnupg.pub. I have started this experiment some time ago and have enjoyed it pretty much and reached my goal; Getting my server in the pools most of the time, by getting the highest possible score (without HA). The time has also come to make some confessions. Those scores my server got, are not real. I have studied the code running the pools quite a bit and discovered quite a few flaws in it. Which I successfully exploited to get a higher ranking, resulting in my pretty low budget VPS to be in multiple pools almost all the time. I am not going to expose those flaws right here. Nevertheless, I do think it is pretty severe that this system is that easy to manipulate. Even worse; I did not even get into doing extreme things since that was not necessary at all. With all due respect, the code running the SKS pools and website are in a pretty sad state. In my humble opinion the code should be made public on a decent open source platform (e.g., GitHub), refactored and exposed as much as possible in order to gain feedback and improvements from other developers. While doing that, add some decent CI/CD as, including some static code analysis tooling. Don't worry; the data is not being exploited at all. Nor did peering with me had any effect on your services. That was never my intention of this little project. Thank you for learning me so much from GPG and the inner working of the SKS pools that are so important to the GnuPG community and its users. With kind regards, Franck Nijhof signature.asc Description: Message signed with OpenPGP ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
[Sks-devel] Update to membership line info for keys.fspproductions.biz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, for anyone peering with keys.fspproductions.biz, please update my membership line to: keys.fspproductions.biz 11370 # Fabian A. Santiago 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F thank you. this update will be made to my server's contact info as well shortly. -- Thanks, Fabian S. OpenPGP: 0x643082042DC83E6D94B86C405E3DAA18A1C22D8F (new key) 0x3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC (to be retired / revoked) -BEGIN PGP SIGNATURE- Version: OpenPGP.js v2.5.11 Comment: https://openpgpjs.org wsFcBAEBCAAQBQJa3fOGCRBqUZPvQbPw0wAAtTYP/1hWeZYTSZilFaGJRyTD /L5Hr7h/kGPHXGkmEqYTHPjekNRM62/DTTDeY+l3LmDqWHz0Y+6VfDAAZ1yn 54/wjnXpGojy7kXyVrcqQFBJv0AS6seZKs8AY5g6y6DlMCEctXqfD0GJ2fcG /IlTGdV4SLd6F0EwfjR5kFTIfwm96wJVQJ8SWLNQvPHsEXzCb9438JnRokul 9wKYhpHvs4Qm+O0ZUzBW4JhNs0g5LlvWzlBX/SspgNzLc5a1BXleAZovA775 rrdFJf/G8MCVEhN0Gd2YlVp2PDXlqTpHzhslMwfHJgLUU/7o0S3cAenTLvh6 5W7zsYwE2ki7J/MvSwwrc8IIaEsjMjv5zm+gwMYAjpa073D6MhfalAQPp6AW NgOQo/ENpm9C4LTWe31aODDTathBKqTzbNRWcu4aarbsGPGLkrCrFKvXfnlV VSnABHbwIczwATL91mcemtRkH/zSn/I1p8AjtOKum/UL1R6Wh40rv+LPdQoQ iFgBb+h3xxMfdBOJDFMyG0X41fU7KmrQtBlNiHixWpaX+IYP0t79Z4lESKb3 wImKlgFuOQJpUO/jWhca+T6ldCa7DWKcMT7fWYZEOOJ2DhxEtgv3THSrAT0u HSa82fkDRaXcaE3oW5Ft2qbeaz/pdDuTxey5BAiM+mNL/xAAYRYvdqLkNDVk S3aY =4VH2 -END PGP SIGNATURE- ___ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
