├── web ├── robots.txt ├── favicon.ico ├── others-404.html └── index.html ├── sksconf ├── Caddyfile ├── deploy.sh └── membership /web/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: / 3 | -------------------------------------------------------------------------------- /web/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zhsj/sks-ustc/HEAD/web/favicon.ico -------------------------------------------------------------------------------- /sksconf: -------------------------------------------------------------------------------- 1 | debuglevel: 3 2 | hostname: pgp.ustc.edu.cn 3 | server_contact: 0xCF0E265B7DFBB2F2 4 | recon_address: 202.38.95.91 2001:da8:d800:95::91 5 | recon_port: 11370 6 | hkp_address: 127.0.0.1 7 | hkp_port: 11371 8 | initial_stat: 9 | disable_mailsync: 10 | pagesize: 16 11 | ptree_pagesize: 16 12 | http_fetch_size: 10 13 | -------------------------------------------------------------------------------- /web/others-404.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 404 Not Found 6 | 7 | 8 | 9 | 10 |

11 |

404 Not Found

12 |

13 | Please update your configuration to 14 | pgp.ustc.edu.cn 15 |

16 |

17 | 请更新你的配置文件为 18 | pgp.ustc.edu.cn 19 |

20 |

21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /Caddyfile: -------------------------------------------------------------------------------- 1 | http://:11371, 2 | http://pgp.ustc.edu.cn, 3 | https://pgp.ustc.edu.cn { 4 | bind 202.38.95.91 2001:da8:d800:95::91 5 | root /var/lib/sks/web/ 6 | gzip { 7 | ext .html .ico 8 | } 9 | cache { 10 | match_path /pks/ 11 | default_max_age 30m 12 | } 13 | proxy /pks/ http://127.0.0.1:11371/ { 14 | header_downstream Via "{proto} {hostonly}:11371 (Caddy)" 15 | } 16 | limits 10mb 17 | tls zsj950618@gmail.com 18 | log / stdout "[Caddy:{host}] {combined}" 19 | } 20 | 21 | http://sks.ustclug.org, 22 | https://sks.ustclug.org { 23 | bind 202.38.95.91 2001:da8:d800:95::91 24 | root /var/lib/sks/web/ 25 | status 404 / 26 | errors { 27 | 404 others-404.html 28 | } 29 | tls self_signed 30 | log / stdout "[Caddy:{host}] {combined}" 31 | } 32 | -------------------------------------------------------------------------------- /deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -ex 4 | 5 | if [[ "$EUID" -ne 0 ]]; then 6 | echo "Please run as root!" 7 | exit 1 8 | fi 9 | 10 | if ! docker info; then 11 | wget https://download.docker.com/linux/debian/gpg -O /etc/apt/trusted.gpg.d/docker 12 | gpg --dearmor /etc/apt/trusted.gpg.d/docker 13 | rm -f /etc/apt/trusted.gpg.d/docker 14 | echo deb https://download.docker.com/linux/debian stretch stable > /etc/apt/sources.list.d/docker.list 15 | apt update 16 | apt install -y --no-install-recommends docker-ce 17 | systemctl enable --now docker 18 | fi 19 | 20 | docker pull zhusj/sks:full 21 | 22 | if [[ ! -e /var/lib/sks ]]; then 23 | s3fs keydump /mnt -o url=http://s3.zhsj.me/ -o use_path_request_style -o public_bucket=1 24 | docker run --rm -v /var/lib/sks/:/var/lib/sks/ -v /mnt/2018-06-16/:/var/lib/sks/dump/ zhusj/sks:full sks-init 25 | fusermount -u /mnt/ 26 | fi 27 | 28 | cur=$(dirname "$(readlink -f "$0")") 29 | rm -f /var/lib/sks/membership 30 | cp "$cur/membership" /var/lib/sks/membership 31 | rm -f /var/lib/sks/sksconf 32 | cp "$cur/sksconf" /var/lib/sks/sksconf 33 | rm -f /var/lib/sks/caddy/Caddyfile 34 | cp "$cur/Caddyfile" /var/lib/sks/caddy/Caddyfile 35 | rm -rf /var/lib/sks/web 36 | cp -r "$cur/web" /var/lib/sks/web 37 | 38 | docker rm -v -f sks-keyserver || true 39 | 40 | docker run -it -d --restart=always --name sks-keyserver \ 41 | --log-opt max-size=10m --log-opt max-file=2 --memory=1800m \ 42 | -v /var/lib/sks/:/var/lib/sks/ \ 43 | --network=host zhusj/sks:full 44 | 45 | docker image prune -f -a 46 | -------------------------------------------------------------------------------- /membership: -------------------------------------------------------------------------------- 1 | # pgp.ustc.edu.cn 11370 # Shengjing Zhu 0xCF0E265B7DFBB2F2 2 | keys.fedoraproject.org 11370 # Nick Bebout 0x167B4A54236BBEAA37DCCD92ED14D5E7110810E9 3 | keyserver.escomposlinux.org 11370 # PGP Key Server Administrator 0x9494EB8D619AFE032AD1C2DCBE84550A2578867D 4 | pgp.gwolf.org 11370 # Gunnar Wolf 0x673A03E4C1DB921F 5 | pgp.lehigh.edu 11370 # Keith Erekson 0xC9A3C33D 6 | keyserver.oeg.com.au 11370 # Mike O'Connor 0xE61814F5 7 | pgp.surfnet.nl 11370 # Melvin Koelewijn 0x2DE51BC259A925CD 8 | 9 | pgp.key-server.io 11370 # Carles Tubio 0xFA101D1FC3B39DE0 10 | 11 | 12 | # Temporary disabled, server down 13 | # pgp.archreactor.org 11370 # Travis Megee 0xdd6017f142b7c552 14 | # keyserver.ntzwrk.org 11370 # ntzwrk / https://onename.com/ntzwrk 0x4124909FDAB6DE615DD5BFD65EE2F34DE4DB893E 15 | # sks.bonus-communis.eu 11370 # Pascal Levasseur 0xD01EE2BECE6873C6E79BC6CF68114745EC98DE38 16 | # keys.schluesselbruecke.de 11370 # Matthias Schreiber 0x586A2E13F52616561BFC32C95B964AE610D49726 17 | # sks.openpgp-keyserver.de 11370 # Matthias Schreiber 0x586A2E13F52616561BFC32C95B964AE610D49726 18 | # kr-sks.salac.me 11370 # Adam Salač 0x50B3F73F0152757F 19 | # sks.powdarrmonkey.net 11370 # Jonathan Wiltshire 0x5394479DD3524C51 20 | # keys.connectical.com 11370 # Andres J. Diaz 21 | # pgpkeyserver.nl 11370 # Hillebrand van de Groep 0xA4B8697C 22 | -------------------------------------------------------------------------------- /web/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | PGP Key Server 6 | 7 | 158 | 166 | 167 | 168 | 169 |

PGP Key Server

170 | 171 |

172 | 173 | 174 | 175 | 176 | 195 |

196 |

197 |

198 | Extract a key 199 | 获取公钥 200 |

201 |

202 | You can find a key by typing in some words that appear in the userid (name, email, etc.) 203 | of the key you're looking for, or by typing in the keyid in hex format ("0x…") 204 |

205 |

206 | 你可以搜索一个公钥中的 userid（name, email 等），或者直接输入 keyid 的十六进制格式（如 "0x…"）。 207 |

208 |

209 |

210 | 211 | Search for a public key 212 | 搜索公钥 213 | 214 |

215 | 216 |

217 |

218 | 219 | 220 | Show PGP Fingerprints 221 | 显示 PGP 指纹 222 | 223 |

224 |

225 | 226 | 227 | Show SKS full-key hashes 228 | 显示 SKS full-key 哈希 229 | 230 |

231 |

232 | 233 | 234 | Get regular index of matching keys 235 | 获取匹配公钥的 regular index 236 | 237 |

238 |

239 | 240 | 241 | Retrieve ascii-armored keys 242 | 获取 ascii-armored 格式的公钥 243 | 244 |

245 |

246 | 247 | 248 | Retrieve keys by full-key hash 249 | 通过 full-key 哈希获取公钥 250 | 251 |

252 | 256 | 260 |

261 |

262 |

263 |

264 |

265 | Submit a key 266 | 提交公钥 267 |

268 |

269 | You can submit a key by simply pasting in the ASCII-armored version of your key and clicking on submit. 270 |

271 |

272 | 你可以把公钥 ASCII-armored 格式的内容粘贴在这里，然后点击提交上传。 273 |

274 | 287 |

288 |

289 |

FAQ

290 |

292 |
293 | Q1: The server info 294 | Q1: 服务器信息 295 |
296 |
297 | This server is sponsored by 298 | USTC Network Information Center. 299 | The deployment scripts, source of the webpage can be found at 300 | GitHub. 301 |
302 |
303 | 本服务是由 304 | 中国科学技术大学网络信息中心 305 | 提供赞助。服务器的部署脚本、本网页的源码可在 306 | GitHub 找到。 307 |
308 |
309 | For operational issues, please contact 310 | 0xCF0E265B7DFBB2F2. 311 |
312 |
313 | 如果有任何运营方面的问题，可以联系 314 | 0xCF0E265B7DFBB2F2。 315 |
316 |
318 |
319 | Q2: Configuration for GnuPG 320 | Q2: GnuPG 配置 321 |
322 |
323 | For GnuPG 2, you can put following line in 324 | ~/.gnupg/dirmngr.conf: 325 |
326 |
327 | GnuPG 2 的用户，可以在 328 | ~/.gnupg/dirmngr.conf 文件中加入下面一行： 329 |
330 |
```
keyserver hkps://pgp.ustc.edu.cn
```
331 |
332 | Then run 333 | gpgconf --reload dirmngr to reload dirmngr. 334 |
335 |
336 | 然后运行 337 | gpgconf --reload dirmngr 使配置生效。 338 |
339 |

341 |

342 | Q3: Useful links 343 | Q3: 参考链接 344 |

345 | 346 | 347 | 348 | 349 | 352 | 353 | 354 | 355 | 360 | 361 | 362 | 363 | 366 | 367 | 368 | 369 | 372 | 373 | 374 |

OpenPGP	350 \| https://www.openpgp.org 351 \|
SKS	356 \| 357 \| https://bitbucket.org/skskeyserver/sks-keyserver 358 \| 359 \|
Key Server Pool	364 \| https://sks-keyservers.net 365 \|
Server Stats	370 \| /pks/lookup?op=stats 371 \|

375 |

377 |

378 |

379 |

380 | 381 | 385 | 386 | 387 | 388 | 389 | 390 | 396 | --------------------------------------------------------------------------------