[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] pool.sks-keyservers.net in seahorse
From: |
John Marshall |
Subject: |
Re: [Sks-devel] pool.sks-keyservers.net in seahorse |
Date: |
Wed, 6 Apr 2011 17:43:03 +1000 |
User-agent: |
Mutt/1.4.2.3i |
On Tue, 05 Apr 2011, 10:01 +0000, Kim Minh Kaplan wrote:
> Jonathon Weiss writes:
>
> > John Clizbe writes:
> >
> >> BTW, check your SKS DB port, it looks to be set to 17311, i.e.,
> >> -rw-r--r-- 1 sks sks 95304 Apr 1 23:35 diff-18.9.60.141_17311.txt
> >
> > It is, though that port is firewalled. Apache is listening on 11371 and
> > forwarding requests to 17311. This was needed to deal with clients that
> > were either mis-behaving, or behind a bad network.
>
> Beware: the SKS recon process sends the port of the SKS db server to
> your peers. It means that John's recon process will try to retrieve the
> missing keys on your port 17311 which is apparently not what you expect.
> The result is that while your server succesfully retrieves keys from the
> rest of the SKS network, the keys that have been uploaded to your server
> never make it out to the rest of the world.
>
> To have your peers use port 11371 you will probably (not tried) have to
> use a separate directories for the db and recon processes so that you
> can configure each of them with different hkp_port.
I would have thought that the simplest solution would be for Janathon to
knock a hole in his firewall to allow his peers to communicate with his
server directly on the port (17311) advertised by his recon process.
ozsrv02# sockstat -4 | grep 18.9.60.141
sks sks 2005 13 tcp4 202.125.41.160:60480 18.9.60.141:17311
ozsrv02# netstat -nf inet | grep 18.9.60.141
tcp4 0 0 202.125.41.160.54175 18.9.60.141.17311 SYN_SENT
--
John Marshall
pgpiGefCUXHdk.pgp
Description: PGP signature
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/01
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/02
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/04
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/04
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Kim Minh Kaplan, 2011/04/05
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, John Clizbe, 2011/04/05
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse,
John Marshall <=
- Re: [Sks-devel] pool.sks-keyservers.net in seahorse, Jonathon Weiss, 2011/04/06
- Re: [Sks-devel] peering with non-standard hkp_port [was: pool.sks-keyservers.net in seahorse], John Marshall, 2011/04/06