Re: [Sks-devel] pool.sks-keyservers.net in seahorse

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] pool.sks-keyservers.net in seahorse

From:	Kim Minh Kaplan
Subject:	Re: [Sks-devel] pool.sks-keyservers.net in seahorse
Date:	Tue, 05 Apr 2011 10:01:49 +0000
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux)

Jonathon Weiss writes:

> John Clizbe writes:
>
>> BTW, check your SKS DB port, it looks to be set to 17311, i.e.,
>> -rw-r--r-- 1 sks  sks  95304 Apr  1 23:35 diff-18.9.60.141_17311.txt
>
> It is, though that port is firewalled.  Apache is listening on 11371 and
> forwarding requests to 17311.  This was needed to deal with clients that
> were either mis-behaving, or behind a bad network.

Beware: the SKS recon process sends the port of the SKS db server to
your peers. It means that John's recon process will try to retrieve the
missing keys on your port 17311 which is apparently not what you expect.
The result is that while your server succesfully retrieves keys from the
rest of the SKS network, the keys that have been uploaded to your server
never make it out to the rest of the world.

To have your peers use port 11371 you will probably (not tried) have to
use a separate directories for the db and recon processes so that you
can configure each of them with different hkp_port.
-- 
Kim Minh

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/01
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/02
  - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/04
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/04
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Kim Minh Kaplan <=
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/05
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Marshall, 2011/04/06
    - Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/06
    - Re: [Sks-devel] peering with non-standard hkp_port [was: pool.sks-keyservers.net in seahorse], John Marshall, 2011/04/06

Prev by Date: Re: [Sks-devel] Are IPv6-only keyservers acceptable in the pool?
Next by Date: [Sks-devel] New Keyserver
Previous by thread: Re: [Sks-devel] pool.sks-keyservers.net in seahorse
Next by thread: Re: [Sks-devel] pool.sks-keyservers.net in seahorse
Index(es):
- Date
- Thread