Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
My collection of keysigning party related stuff
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
KSP Keyserver v0.1 ------------------ As a first warning: this tools were never thought to be published... I used them to organize a few KSP with participants from 20 to 150. So basically they seem to work.... The Keyserver: the keyserver is implemented in perl and only support the "add" method. So users can send their key via gpg --send-key .... This is much better than hoping to get all keys correctly via mail. The keyserver supports vhosts (if $vhostmode is enabled). That means that it uses HTTP 1.1 to detect the targethostname and then drops the key to: $basedir/$targethost/keys/$keyid. Otherwise the key gets dropped to $basedir. Requirements: Log::LogLite (Debian package liblog-loglite-perl) e.a. There are a few variables that can be adjusted via a configuration file. Default location of that file is keyserver.conf in the top level directory of the keyserver. This can be overwritten via the --configfile commandline option. The configuration file is a simple key/value. The following options are supported: basedir = /home/ksp/ksps <- Where to work and store the keys gpg = /usr/bin/gpg <- where is the gpg binary located vhostmode = 1 <- enable vhostmode (see above) bind = 0.0.0.0 <- bind to a specific ip daemonize = 1 <- go into background? LOG_FILE = /home/ksp/kspkeyserver.log <- logfile LOG_LEVEL = 7 <- loglevel: 1 means virtually nothing - 7 all updatehook = updatehook.sh %f <- some script to run after a key got submitted. %f gets replaced by the filename of the new key %v gets replaced with the (sanitized) vhostname The environment variable KSP_HOMEDIR is honored to overrule /home/ksp. So, starting the server as $ KSP_HOMEDIR=/tmp/ksp ./bin/kspkeyserver.pl could be useful for testing purposes. If you want to run multiple ksps in vhost mode simultaneous you may need to look some of them because you want to prevent the submission of new keys after the deadline. Just touch $basedir/$targethost/locked and the keysigning server will send the submitter an error. (Unfortunatly gpg don't understands the enhanced error messages) For security reasons you have to create $basedir/$targethost manually, otherwise anybody can create directorys on your system with a faked HTTP/1.1 header. This will change to a config option in the future. After configuring you can send a key via gpg and the hkp protocol to your server: gpg --keyserver hkp://your.host.bar --send YOURKEYID