diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/george/changelog | 6 | ||||
-rw-r--r-- | doc/zimmermann/changelog | 49 | ||||
-rw-r--r-- | doc/zimmermann/https-proxy | 14 | ||||
-rw-r--r-- | doc/zimmermann/index.html | 73 |
4 files changed, 142 insertions, 0 deletions
diff --git a/doc/george/changelog b/doc/george/changelog index b528fd0..99481c4 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -12,6 +12,12 @@ * Configured /etc/nullmailer/remotes to have mail.riseup.net so remote delivery will work * Removed the hundreds of queued cron emails that had resulted in 30gig of mail.err logs * Rotated the giant logs out + +2009-01-11 - dkg + * extended the expiration date for george's key three months into + the future. + * aptitude update && aptitude full-upgrade (brings monkeysphere to + 0.22-1) 2008-10-29 - dkg * aptitude update && aptitude full-upgrade diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog new file mode 100644 index 0000000..8dedf58 --- /dev/null +++ b/doc/zimmermann/changelog @@ -0,0 +1,49 @@ +****************************************************************************** +* * +* zimmermann system log * +* * +****************************************************************************** +* Please add new entries in reverse chronological order whenever you make * +* changes to this system (first command at top, last at bottom) * +****************************************************************************** + +2008-11-29 - dkg + * zimmermann now uses an X.509 certificate signed by the MF/PL CA + for its HTTPS connection. + +2008-11-19 - dkg + * added 10 SKS peers as a result of feedback from sks-devel. + * set localtime to America/New_York via dpkg-reconfigure tzdata + * aptitude update && aptitude full-upgrade + * set up /var/lib/sks/www/index.html based on + doc/zimmermann/index.html from this repo. + * made nginx proxy plain ol' HTTP on port 80 also so that SKS does + not need to try to listen on a privileged port. + * turned on initial_stat and stat_hour: 3 in /etc/sks/sksconf + +2008-11-19 - mlc + * aptitude install nginx + * get rid of /etc/nginx/sites-enabled/default + * create /etc/nginx/sites-available/https-proxy and make a symlink + to it in the sites-enabled directory + * invoke-rc.d nginx start + +2008-11-17 - micah + * verified the SHA256 values for the key material + * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild) + * chown -R debian-sks:debian-sks /var/lib/sks + * edit /etc/default/sks to enable the initscript + * /etc/init.d/sks start + * rm -rf /var/lib/sks/dump + +2008-11-15 - micah + * aptitude update && aptitude full-upgrade + * aptitude install sks + * cd /var/lib/sks/dump ; wget -q -r -np -nd -A bz2,SHA256,asc \ + http://nynex.net/keydump/ -e robots=off + * install monkeysphere 0.21-2 package + * apt-get install bzip2 ; bunzip2 /var/lib/sks/dump/*.bz2 + +2008-11-15 - jamie + * aptitude install esmtp-run mailx + * edited /etc/esmtp-run, configured to relay to bulk.mayfirst.org diff --git a/doc/zimmermann/https-proxy b/doc/zimmermann/https-proxy new file mode 100644 index 0000000..c4521a7 --- /dev/null +++ b/doc/zimmermann/https-proxy @@ -0,0 +1,14 @@ +server { + listen 443; + server_name zimmermann.mayfirst.org; + ssl on; + ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; + ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + ssl_ciphers HIGH:MEDIUM:!ADH; + + access_log off; + + location / { + proxy_pass http://localhost:11371/; + } +} diff --git a/doc/zimmermann/index.html b/doc/zimmermann/index.html new file mode 100644 index 0000000..e8e36e0 --- /dev/null +++ b/doc/zimmermann/index.html @@ -0,0 +1,73 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> + <head> + <title>SKS Search Page</title> + <meta http-equiv="content-type" content="text/html; charset="utf-8"> + <meta name="author" content="Yaron M. Minsky/Jack Cummings/Daniel Kahn Gillmor"> + </head> + <body text="#000000" bgcolor="#ffffff" link="#000099" vlink="#990099" alink="#000099"> + <h1><a href="http://www.nongnu.org/sks/">SKS OpenPGP Keyserver</a> <br> @zimmermann.mayfirst.org</h1> + <p> SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distributed to all key servers, and even wildly out-of-date servers, or servers that experience spotty connectivity, can fully synchronize with rest of the system. </p> + <p>You can find out more about SKS, along with links to graphs of the network status <a href="http://www.nongnu.org/sks/">here</a>.</p> + <table cellpadding="2" cellspacing="2" border="1" width="600" bgcolor="#ddddff"> + <tr> + <td valign="top"> + <h3>Extract a key</h3> + <p>You can extract a key by typing in some words that appear in the userid + of the key you're looking for, or by typing in the keyid in hex format ("0x...")</p> + <p> + <form action="/pks/lookup" method="get"> + Search String: <input name="search" size="40"> <br> + Show PGP "fingerprints" for keys + <input type="checkbox" name="fingerprint"> <br> + Show SKS full-key hashes + <input type="checkbox" name="hash"> <br> + Search for keys: <br> + <input type="radio" name="op" value="index" CHECKED> get index of matching keys <br> + <input type="radio" name="op" value="vindex"> get verbose index of matching keys <br> + <input type="radio" name="op" value="get"> retrieve ascii-armored keys <br> + <input type="radio" name="op" value="hget"> retrieve keys by full-key hash + <br> + <input type="reset" value="Reset"> + <input type="submit"> + </form> + <br> + </td> + </tr> + <tr> + <td valign="top"> + <h3>Submit a key</h3> + You can submit a key by simply pasting in the ASCII-armored version + of your key and clicking on submit. + <form action="/pks/add" method="post"> + <textarea name="keytext" rows="20" cols="66"></textarea> <br> + <input type="reset" value="Reset"> + <input type="submit" value="Submit this key to the keyserver!"> + </form> + </td> + </tr> + <tr> + <td> + <h3> + Access + </h3> + To use this server directly via HKP add this to your .PGP keyserver list:<br> + +<pre>x-hkp://zimmermann.mayfirst.org +http://zimmermann.mayfirst.org:11371</pre> + + You can also select a random server by adding this to your keyserver list:<br> + +<pre>x-hkp://pool.sks-keyservers.net +http://pool.sks-keyservers.net:11371</pre> + + </td> + </tr> + </tbody> + </table> + +<hr> + [<a href="/pks/lookup?op=stats">Server Status</a>] If you have any questions + about or problems with this server, please <a href="https://support.mayfirst.org/newticket?summary=zimmermann.mayfirst.org%20trouble">open a ticket</a>. + </body> +</html> |