[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] SKS peering request [sks-server.randala.com]
From: |
Tobias Frei |
Subject: |
Re: [Sks-devel] SKS peering request [sks-server.randala.com] |
Date: |
Sun, 06 Apr 2014 11:07:11 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 |
Hi,
if you'd be using the latest Ubuntu, you would probably also have
access to the newest SKS version in the repositories. ;-)
Ubuntu 14.04 LTS will come out soon; upgrading to that should give you
1.1.4.
If your server is running on amd64, you can use this .deb for now, if
you want to:
http://freiwuppertal.de/sks_1.1.4-2.1ubuntu1_amd64.deb
Best regards,
Tobias Frei
Am 05.04.2014 16:17, schrieb Martin Papik:
>
> Thank you, I've upgraded to 1.1.3, although why Ubuntu didn't
> install that one without an explicit parameter boggles me a bit. Oh
> well. Is that sufficient, or will I have to install the very latest
> from source?
>
> The web server is enabled, there's just no main page in the
> directory yet.
>
> I see "Error fetching key from hash **** : Not_found" messages in
> the log though, is this normal? The hashes update, so I'm not
> overly worried, just want to know if this is normal.
>
> Anyway, thanks again for taking the time to assist me.
>
> Martin
>
> On 04/05/2014 04:38 PM, BluKeyserver wrote: Hi Martin,
>
> Quoting from
> https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering
>
> 'Versions prior to 1.1.2 have a severe interoperability bug (POST
> requests for exchanging keys are HTTP/0.9, does not work with
> modern setups having reverse HTTP proxies in front as a best
> practice.'
>
> Perhaps it's a time to ditch the 1.1.1 and try to compile 1.1.4
> instead ?
>
> Also, I have noticed, that you did not enable the built-in www
> server:
>
> 'Page not found: /var/lib/sks/www/index.html'
>
> Regards, H.Storm [TheBluProject]
>
> On 05/04/2014 07:52, Martin Papik wrote:
>>>> Thank you very much Jerzy, however I'm facing some problems.
>>>> I wonder if you have any insight. I'm new to sks, but it
>>>> seems to me that there might be an apache proxy intercepting
>>>> the connections and interfering somehow. I don't see my
>>>> server in
>>>> http://keyserver.kolosowscy.pl:11371/pks/lookup?op=stats, but
>>>> the sks servers are talking to each other on 11370 so I'm
>>>> assuming there's some kind of asymmetric setup.
>>>>
>>>> Any help would be appreciated.
>>>>
>>>> Martin
>>>>
>>>> In the log I see (after incrementing http_fetch_size to 1000
>>>> to reduce the number of entries).
>>>>
>>>> 2014-04-05 08:43:40 address for
>>>> keyserver.kolosowscy.pl:11370 changed from [] to [<ADDR_INET
>>>> [176.241.243.15]:11370>, <ADDR_INET
>>>> [2002:b0f1:f30f::1]:11370>] 2014-04-05 08:44:06 6064 hashes
>>>> recovered from <ADDR_INET [176.241.243.15]:11371> 2014-04-05
>>>> 08:44:11 Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> 0005AB14802673F046EC31CC93AC36DC 2014-04-05 08:44:11 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:11
>>>> Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> 29DF15D7EF250667DE9012CDF6891CE7 2014-04-05 08:44:11 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:11
>>>> Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> 54ABD9C187E4555DB2377ABFCD29D8B8 2014-04-05 08:44:11 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:11
>>>> Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> 7E819BE55160DDBD06E480F74F1D6017 2014-04-05 08:44:11 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:11
>>>> Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> A7E5518397DB6A961E9FB8B59C1391D6 2014-04-05 08:44:11 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:12
>>>> Requesting 1000 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> D348A85B40F5C08C3CA2E9AB09EF2CB0 2014-04-05 08:44:12 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">") 2014-04-05 08:44:12
>>>> Requesting 64 missing keys from <ADDR_INET
>>>> [176.241.243.15]:11371>, starting with
>>>> FD40B34ECD8971CFCECF9E79D48772F0 2014-04-05 08:44:12 Error
>>>> getting missing keys: Failure("<!DOCTYPE HTML PUBLIC
>>>> \"-//IETF//DTD HTML 2.0//EN\">")
>>>>
>>>> The tcpdump output contains (looks like HTTP 0.9, no host
>>>> header in the request, no HTTP headers in the response).
>>>>
>>>> Request to 176.241.243.15:11371
>>>>
>>>> POST /pks/hashquery content-length: 24
>>>>
>>>> Response from 176.241.243.15:11371
>>>>
>>>> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>>>> <html><head> <title>502 Proxy Error</title> </head><body>
>>>> <h1>Proxy Error</h1> <p>The proxy server received an invalid
>>>> response from an upstream server.<br /> The proxy server
>>>> could not handle the request <em><a
>>>> href="/pks/hashquery">POST /pks/hashquery</a></em>.<p>
>>>> Reason: <strong>Error reading from remote
>>>> server</strong></p></p> <hr> <address>Apache Server at
>>>> keyserver.kolosowscy.pl Port 80</address> </body></html>
>>>>
>>>>
>>>>
>>>>
>>>> On 04/05/2014 04:21 AM, Jerzy Ko?osowski wrote:
>>>>> Hi,
>>>>>
>>>>> I added your server. My line to add:
>>>>>
>>>>> keyserver.kolosowscy.pl 11370 # Jerzy Kolosowski
>>>>> <address@hidden>
>>>>>
>>>>> Rgds,
>>>>>
>>>>> Jerzy Ko?osowski
>>>>>
>>>>> Dnia ?roda, 2 kwietnia 2014 05:50:52 Martin Papik pisze:
>>>>>> Hi everyone,
>>>>>>
>>>>>> I've just configured sks 1.1.1 (default on Ubuntu) on
>>>>>> sks-server.randala.com. The machine has IPv6 but SKS has
>>>>>> not yet been assigned an address. I wonder, is there an
>>>>>> advantage (e.g. in terms of peering)? The server is
>>>>>> located in Germany/EU. For now I'm deploying
>>>>> the
>>>>>> server for R&D as a proxy for my private server (behind
>>>>>> my ISPs randomized NAT).
>>>>>>
>>>>>> You may contact me if you have further questions or for
>>>>>> any issues, operational or otherwise.
>>>>>>
>>>>>> Loaded from: http://keys.niif.hu/keydump/ [2014-03-31?
>>>>>> ... köszönöm] Loaded: 3583821 keys
>>>>>>
>>>>>> Line to add to /etc/sks/membership
>>>>>>
>>>>>> sks-server.randala.com 11370
>>>>>>
>>>>>> Thank you.
>>>>>>
>>>>>> Martin
>>>>>>
>>>>>> _______________________________________________
>>>>>> Sks-devel mailing list address@hidden
>>>>>> https://lists.nongnu.org/mailman/listinfo/sks-devel
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Sks-devel mailing list address@hidden
>>>>>> https://lists.nongnu.org/mailman/listinfo/sks-devel
>>>>
>>>>
>>>> _______________________________________________ Sks-devel
>>>> mailing list address@hidden
>>>> https://lists.nongnu.org/mailman/listinfo/sks-devel
>>>>
>>
>> _______________________________________________ Sks-devel mailing
>> list address@hidden
>> https://lists.nongnu.org/mailman/listinfo/sks-devel
>
>
> _______________________________________________ Sks-devel mailing
> list address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel
>
- [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/02
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Jerzy Kołosowski, 2014/04/04
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/05
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], BluKeyserver, 2014/04/05
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/05
- Re: [Sks-devel] SKS peering request [sks-server.randala.com],
Tobias Frei <=
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/06
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Tobias Frei, 2014/04/06
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/06
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Phil Pennock, 2014/04/07
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/06
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Kristian Fiskerstrand, 2014/04/07
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Martin Papik, 2014/04/08
- Re: [Sks-devel] SKS peering request [sks-server.randala.com], Kristian Fiskerstrand, 2014/04/09