Re: [Sks-devel] disunitedstates.com now available on IPv6

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] disunitedstates.com now available on IPv6

From:	Arnold
Subject:	Re: [Sks-devel] disunitedstates.com now available on IPv6
Date:	Thu, 10 Oct 2013 20:13:11 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:10.0.12) Gecko/20130116 Icedove/10.0.12

On 10/10/2013 07:42 PM, David Benfell wrote:
> On 10/10/2013 05:57 AM, Todd Lyons wrote:
>> Make sure to add pool.sks-keyservers.net
>> and *.pool.sks-keyservers.net as ServerAliases (apache speak,
>> varies if you're using a different rproxy mechanism).
> 
> I haven't even found a HOWTO on setting up the proxy that both
> actually works and makes sense to me, so I've never done this. And

I got my system configured using
https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering

In short:
- configure SKS to listen to port 11371 on the localhost interface only (IP 
address
::1 or for IPv4 127.0.0.1)
- set up a proxyserver to listen to port 11371 on the IP-adresses of the NIC
(2a02:c200:0:10::404:201 or for IPv4 91.205.174.231 or whatever address the 
server
has on your LAN via NAT)
- configure the proxyserver to forward requests on port 11371 on the external 
(NIC)
addresses to localhost:11371.

> disunitedstates.com is in use for another application on ports 80/443

This does not matter, as you only use the proxy for traffic to port 11371. If 
you
use apache or nginx to serve ports 80/443, you can configure it to also act as a
proxy for port 11371. You can also use different proxy software to keep things a
bit separated.

> anyway. I *could*, however, add a subdomain and allocate one of my
> spare IPv4 addresses to it and tell sks to listen to more addresses.

You have a _spare_ IPv4 address? Wow! ;-)

This is not needed, unless you want to serve keys over port 80 as well. Even 
then,
with apache or nginx (and probably other s/w) you can have a virtual server for 
a
subdomain on the same server with a single IP-address.

Arnold

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/10
- Re: [Sks-devel] disunitedstates.com now available on IPv6, Todd Lyons, 2013/10/10
  - Re: [Sks-devel] disunitedstates.com now available on IPv6, Arnold, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Stephan Seitz, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Todd Lyons, 2013/10/10
  - Re: [Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Arnold <=
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Todd Lyons, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Kristian Fiskerstrand, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Todd Lyons, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Kristian Fiskerstrand, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Todd Lyons, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/10
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Phil Pennock, 2013/10/11
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, Jeremy T. Bouse, 2013/10/11
    - Re: [Sks-devel] disunitedstates.com now available on IPv6, David Benfell, 2013/10/12

Prev by Date: Re: [Sks-devel] disunitedstates.com now available on IPv6
Next by Date: Re: [Sks-devel] disunitedstates.com now available on IPv6
Previous by thread: Re: [Sks-devel] disunitedstates.com now available on IPv6
Next by thread: Re: [Sks-devel] disunitedstates.com now available on IPv6
Index(es):
- Date
- Thread