From 909d963139377f573b4350745b60606d65214c17 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 18 Nov 2008 00:02:56 -0500 Subject: added steps taken on zimmerman to get sks setup --- doc/zimmerman/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'doc') diff --git a/doc/zimmerman/changelog b/doc/zimmerman/changelog index e833b1e..a92557d 100644 --- a/doc/zimmerman/changelog +++ b/doc/zimmerman/changelog @@ -7,12 +7,21 @@ * changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-11-17 - micah + * verified the SHA256 values for the key material + * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild) + * chown -R debian-sks:debian-sks /var/lib/sks + * edit /etc/default/sks to enable the initscript + * /etc/init.d/sks start + * rm -rf /var/lib/sks/dump + 2008-11-15 - micah * aptitude update && aptitude full-upgrade * aptitude install sks * cd /var/lib/sks/dump ; wget -q -r -np -nd -A bz2,SHA256,asc \ http://nynex.net/keydump/ -e robots=off * install monkeysphere 0.21-2 package + * apt-get install bzip2 ; bunzip2 /var/lib/sks/dump/*.bz2 2008-11-15 - jamie * aptitude install esmtp-run mailx -- cgit v1.2.3 From 67a77f6306e15f7f7cf2d1e2fc5cc258f9398cef Mon Sep 17 00:00:00 2001 From: mike castleman Date: Wed, 19 Nov 2008 01:16:19 -0500 Subject: explain how it is that zimmermann speaks https --- doc/zimmerman/changelog | 7 +++++++ doc/zimmerman/https-proxy | 14 ++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 doc/zimmerman/https-proxy (limited to 'doc') diff --git a/doc/zimmerman/changelog b/doc/zimmerman/changelog index a92557d..46160a2 100644 --- a/doc/zimmerman/changelog +++ b/doc/zimmerman/changelog @@ -7,6 +7,13 @@ * changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-11-19 - mlc + * aptitude install nginx + * get rid of /etc/nginx/sites-enabled/default + * create /etc/nginx/sites-available/https-proxy and make a symlink + to it in the sites-enabled directory + * invoke-rc.d nginx start + 2008-11-17 - micah * verified the SHA256 values for the key material * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild) diff --git a/doc/zimmerman/https-proxy b/doc/zimmerman/https-proxy new file mode 100644 index 0000000..c4521a7 --- /dev/null +++ b/doc/zimmerman/https-proxy @@ -0,0 +1,14 @@ +server { + listen 443; + server_name zimmermann.mayfirst.org; + ssl on; + ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; + ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + ssl_ciphers HIGH:MEDIUM:!ADH; + + access_log off; + + location / { + proxy_pass http://localhost:11371/; + } +} -- cgit v1.2.3 From dcf50556743294744c5a39e045474ae242e0bccf Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 11:36:46 -0500 Subject: document zimmermann SKS peers. --- doc/zimmerman/changelog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'doc') diff --git a/doc/zimmerman/changelog b/doc/zimmerman/changelog index 46160a2..c054486 100644 --- a/doc/zimmerman/changelog +++ b/doc/zimmerman/changelog @@ -7,6 +7,9 @@ * changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-11-19 - dkg + * added 9 SKS peers as a result of feedback from sks-devel. + 2008-11-19 - mlc * aptitude install nginx * get rid of /etc/nginx/sites-enabled/default -- cgit v1.2.3 From e2854b865c01e4eb2547a7dd581de20bddec41d5 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 11:37:08 -0500 Subject: fixing the spelling of zimmermann. --- doc/zimmerman/changelog | 38 -------------------------------------- doc/zimmerman/https-proxy | 14 -------------- doc/zimmermann/changelog | 38 ++++++++++++++++++++++++++++++++++++++ doc/zimmermann/https-proxy | 14 ++++++++++++++ 4 files changed, 52 insertions(+), 52 deletions(-) delete mode 100644 doc/zimmerman/changelog delete mode 100644 doc/zimmerman/https-proxy create mode 100644 doc/zimmermann/changelog create mode 100644 doc/zimmermann/https-proxy (limited to 'doc') diff --git a/doc/zimmerman/changelog b/doc/zimmerman/changelog deleted file mode 100644 index c054486..0000000 --- a/doc/zimmerman/changelog +++ /dev/null @@ -1,38 +0,0 @@ -****************************************************************************** -* * -* zimmerman system log * -* * -****************************************************************************** -* Please add new entries in reverse chronological order whenever you make * -* changes to this system (first command at top, last at bottom) * -****************************************************************************** - -2008-11-19 - dkg - * added 9 SKS peers as a result of feedback from sks-devel. - -2008-11-19 - mlc - * aptitude install nginx - * get rid of /etc/nginx/sites-enabled/default - * create /etc/nginx/sites-available/https-proxy and make a symlink - to it in the sites-enabled directory - * invoke-rc.d nginx start - -2008-11-17 - micah - * verified the SHA256 values for the key material - * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild) - * chown -R debian-sks:debian-sks /var/lib/sks - * edit /etc/default/sks to enable the initscript - * /etc/init.d/sks start - * rm -rf /var/lib/sks/dump - -2008-11-15 - micah - * aptitude update && aptitude full-upgrade - * aptitude install sks - * cd /var/lib/sks/dump ; wget -q -r -np -nd -A bz2,SHA256,asc \ - http://nynex.net/keydump/ -e robots=off - * install monkeysphere 0.21-2 package - * apt-get install bzip2 ; bunzip2 /var/lib/sks/dump/*.bz2 - -2008-11-15 - jamie - * aptitude install esmtp-run mailx - * edited /etc/esmtp-run, configured to relay to bulk.mayfirst.org diff --git a/doc/zimmerman/https-proxy b/doc/zimmerman/https-proxy deleted file mode 100644 index c4521a7..0000000 --- a/doc/zimmerman/https-proxy +++ /dev/null @@ -1,14 +0,0 @@ -server { - listen 443; - server_name zimmermann.mayfirst.org; - ssl on; - ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; - ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; - ssl_ciphers HIGH:MEDIUM:!ADH; - - access_log off; - - location / { - proxy_pass http://localhost:11371/; - } -} diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog new file mode 100644 index 0000000..c054486 --- /dev/null +++ b/doc/zimmermann/changelog @@ -0,0 +1,38 @@ +****************************************************************************** +* * +* zimmerman system log * +* * +****************************************************************************** +* Please add new entries in reverse chronological order whenever you make * +* changes to this system (first command at top, last at bottom) * +****************************************************************************** + +2008-11-19 - dkg + * added 9 SKS peers as a result of feedback from sks-devel. + +2008-11-19 - mlc + * aptitude install nginx + * get rid of /etc/nginx/sites-enabled/default + * create /etc/nginx/sites-available/https-proxy and make a symlink + to it in the sites-enabled directory + * invoke-rc.d nginx start + +2008-11-17 - micah + * verified the SHA256 values for the key material + * /usr/lib/sks/sks_build.sh (chose option #2: normalbuild) + * chown -R debian-sks:debian-sks /var/lib/sks + * edit /etc/default/sks to enable the initscript + * /etc/init.d/sks start + * rm -rf /var/lib/sks/dump + +2008-11-15 - micah + * aptitude update && aptitude full-upgrade + * aptitude install sks + * cd /var/lib/sks/dump ; wget -q -r -np -nd -A bz2,SHA256,asc \ + http://nynex.net/keydump/ -e robots=off + * install monkeysphere 0.21-2 package + * apt-get install bzip2 ; bunzip2 /var/lib/sks/dump/*.bz2 + +2008-11-15 - jamie + * aptitude install esmtp-run mailx + * edited /etc/esmtp-run, configured to relay to bulk.mayfirst.org diff --git a/doc/zimmermann/https-proxy b/doc/zimmermann/https-proxy new file mode 100644 index 0000000..c4521a7 --- /dev/null +++ b/doc/zimmermann/https-proxy @@ -0,0 +1,14 @@ +server { + listen 443; + server_name zimmermann.mayfirst.org; + ssl on; + ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; + ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + ssl_ciphers HIGH:MEDIUM:!ADH; + + access_log off; + + location / { + proxy_pass http://localhost:11371/; + } +} -- cgit v1.2.3 From afbaf20af5e2106ced3c3abde815530e78df1071 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 11:51:10 -0500 Subject: more updates for zimmermann --- doc/zimmermann/changelog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index c054486..5801cb9 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -9,6 +9,8 @@ 2008-11-19 - dkg * added 9 SKS peers as a result of feedback from sks-devel. + * set localtime to America/New_York via dpkg-reconfigure tzdata + * aptitude update && aptitude full-upgrade 2008-11-19 - mlc * aptitude install nginx -- cgit v1.2.3 From 32695b249c69a547fd31f088906e6318ece1f771 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 15:22:37 -0500 Subject: added simple index.html for people to read if they decide to visit zimmermann with a browser. --- doc/zimmermann/index.html | 73 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 doc/zimmermann/index.html (limited to 'doc') diff --git a/doc/zimmermann/index.html b/doc/zimmermann/index.html new file mode 100644 index 0000000..e8e36e0 --- /dev/null +++ b/doc/zimmermann/index.html @@ -0,0 +1,73 @@ + + + + SKS Search Page + + + + +

SKS OpenPGP Keyserver
@zimmermann.mayfirst.org

+

SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distributed to all key servers, and even wildly out-of-date servers, or servers that experience spotty connectivity, can fully synchronize with rest of the system.

+

You can find out more about SKS, along with links to graphs of the network status here.

+ + + + + + + + + + + +
+

Extract a key

+

You can extract a key by typing in some words that appear in the userid + of the key you're looking for, or by typing in the keyid in hex format ("0x...")

+

+

+ Search String:
+ Show PGP "fingerprints" for keys +
+ Show SKS full-key hashes +
+ Search for keys:
+ get index of matching keys
+ get verbose index of matching keys
+ retrieve ascii-armored keys
+ retrieve keys by full-key hash +
+ + +
+
+
+

Submit a key

+ You can submit a key by simply pasting in the ASCII-armored version + of your key and clicking on submit. +
+
+ + +
+
+

+ Access +

+ To use this server directly via HKP add this to your .PGP keyserver list:
+ +
x-hkp://zimmermann.mayfirst.org
+http://zimmermann.mayfirst.org:11371
+ + You can also select a random server by adding this to your keyserver list:
+ +
x-hkp://pool.sks-keyservers.net
+http://pool.sks-keyservers.net:11371
+ +
+ +
+ [Server Status] If you have any questions + about or problems with this server, please open a ticket. + + -- cgit v1.2.3 From da2b427d69b516a376441764927e478ce0a9a8b7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 15:32:33 -0500 Subject: noted changes to zimmermann config. --- doc/zimmermann/changelog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index 5801cb9..d5868b6 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -11,6 +11,8 @@ * added 9 SKS peers as a result of feedback from sks-devel. * set localtime to America/New_York via dpkg-reconfigure tzdata * aptitude update && aptitude full-upgrade + * set up /var/lib/sks/www/index.html based on + doc/zimmermann/index.html from this repo. 2008-11-19 - mlc * aptitude install nginx -- cgit v1.2.3 From c94bebd604d07566cd51e85f552867d09d599cbf Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 15:56:14 -0500 Subject: notes about using zimmermann port 80. --- doc/zimmermann/changelog | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index d5868b6..841f3c9 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -12,7 +12,9 @@ * set localtime to America/New_York via dpkg-reconfigure tzdata * aptitude update && aptitude full-upgrade * set up /var/lib/sks/www/index.html based on - doc/zimmermann/index.html from this repo. + doc/zimmermann/index.html from this repo. + * made nginx proxy plain ol' HTTP on port 80 also so that SKS does + not need to try to listen on a privileged port. 2008-11-19 - mlc * aptitude install nginx -- cgit v1.2.3 From 574215cda48da32ada49751edab459fb21d7f469 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 16:19:20 -0500 Subject: configured statistics calculations at SKS boot and at 03:00 (i think). --- doc/zimmermann/changelog | 1 + 1 file changed, 1 insertion(+) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index 841f3c9..cb48a95 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -15,6 +15,7 @@ doc/zimmermann/index.html from this repo. * made nginx proxy plain ol' HTTP on port 80 also so that SKS does not need to try to listen on a privileged port. + * turned on initial_stat and stat_hour: 3 in /etc/sks/sksconf 2008-11-19 - mlc * aptitude install nginx -- cgit v1.2.3 From c21e955e6fdc33c289a5609ef240084bbffbacbc Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 19 Nov 2008 16:44:07 -0500 Subject: added one more SKS peer. --- doc/zimmermann/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index cb48a95..cb84b43 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -8,7 +8,7 @@ ****************************************************************************** 2008-11-19 - dkg - * added 9 SKS peers as a result of feedback from sks-devel. + * added 10 SKS peers as a result of feedback from sks-devel. * set localtime to America/New_York via dpkg-reconfigure tzdata * aptitude update && aptitude full-upgrade * set up /var/lib/sks/www/index.html based on -- cgit v1.2.3 From 08c0d045d6608ee7cba7b979ce007087d703693c Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 29 Nov 2008 15:56:30 -0500 Subject: notes about zimmermann HTTPS --- doc/zimmermann/changelog | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/zimmermann/changelog b/doc/zimmermann/changelog index cb84b43..8dedf58 100644 --- a/doc/zimmermann/changelog +++ b/doc/zimmermann/changelog @@ -1,12 +1,16 @@ ****************************************************************************** * * -* zimmerman system log * +* zimmermann system log * * * ****************************************************************************** * Please add new entries in reverse chronological order whenever you make * * changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-11-29 - dkg + * zimmermann now uses an X.509 certificate signed by the MF/PL CA + for its HTTPS connection. + 2008-11-19 - dkg * added 10 SKS peers as a result of feedback from sks-devel. * set localtime to America/New_York via dpkg-reconfigure tzdata -- cgit v1.2.3