I've been trying to install a PGP keyserver for some time, then found sks.
It's in the Ubuntu repositories, so actually installing it is a breeze :
# sudo apt-get install sks
However, configuring it is a little more complicated, here are the steps I took :
- Open a terminal window
- Create the database to store the keys
# sudo sks build
- Start sks, then close it, to ensure that all files it requires are created correctly
# sudo sks db ^C
- Set database permissions on the database used by sks to store keys
# sudo chown -Rc debian-sks:debian-sks /var/lib/sks/DB
- To start the server automatically, set initstart=yes in /etc/default/sks
- Edit /etc/init.d/sks to automatically create the/var/run/sks directory on startup.
At (approx) line 71 (after the check for /etc/default/sks & before 'echo -n "sksdb.."') add
mkdir -p `dirname "$SKSDBPID"`
chown debian-sks `dirname "$SKSDBPID"`
- The log archive script which is run daily from cron assumes that sks is using db4.1.
Under Ubuntu the database used is db4.6.
In /etc/cron.daily/sks change db4.1_archive to db4.6_archive.
The keyserver can be started
# sudo /etc/init.d/sks start
It listens on port 11371, and can be used with the encryption tools provided by Ubuntu, Thunderbird & Evolution
Now, to configure the web-interface, I had to find two files which weren't included in the distribution.
These are :
- index.html : main keyserver web-page
- keys.jpg : image displayed on the keyserver web-page
You can download an archive containing these files from here to your machine.
To install the files :
- Unzip the archive
# tar cvjf sks_www.tar.bz2
- Edit index.html and change the three references to your.site.name (currently at lines 20, 36 & 62) to the url of your keyserver (in my case keyserver.rainydayz.org)
- Make a directory for the files where the keyserver will look for them
# sudo mkdir /var/lib/sks/www
- Copy the files
# sudo cp index.html /var/lib/sks/www/
# sudo cp keys.jpg /var/lib/sks/www/
- Change permissions on the files
# sudo chown -R debian-sks:debian-sks /var/lib/sks/www
You should now be able to browse to your server on port 11371 and search for, upload & download keys.
As example, my keyserver can be found at http://keyserver.rainydayz.org:11371