sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: HockeyPuck deployment problems

From: Marcel Waldvogel
Subject: Re: HockeyPuck deployment problems
Date: Mon, 25 Oct 2021 15:45:35 +0200
User-agent: Evolution 3.40.4-1
Michele,

it is great to hear about your interest in computer security and I am sorry to hear that you do have problems with Hockeypuck in Docker.

I am running two Hockeypucks under Docker and have had some problems in the beginning, but I hoped that what I learned during that process had been reflected in the hockeypuck.io documentation.

Can you tell us more about your problems, i.e., what is your current setup and what does and does not work and what you already tried to diagnose these problems or even fix them?

-Marcel

PS: How do you plan to check for the split-world behavior? (And I hope you will not use this against the global keyserver network… BTW: Contributions for how to avoid this are welcome.)

PPS: At some point, it may be useful to take the discussion off-list. But right now, the information might still be relevant to the original goal of the list, contribute to the development and operation of (SKS[-protcol] based) OpenPGP keyservers.

Am Montag, dem 25.10.2021 um 10:00 +0000 schrieb Michele Marazzi:
Hi,
I’m a student of the Politecnico di Milano university and I’m proceeding in my road to the master degree in computer science and engineering.
I have inserted in my academic plan a course called “Cryptography and architectures for computer security” in which the teacher proposed some projects concerning the argument of the course.
In particular one project is about HockeyPuck and this captured the interests of me and a colleague of mine. 
 This is the draft of the project:
“HockeyPuck (https://hockeypuck.io/) is a recent reimplementation of the traditional SKS keyserver software, employed to build a distributed storage for openPGP certificates. The synchronization mechanism between keyservers may lead to split-world scenarios if a malicious upload is performed.
The purpose of this project is to test the resilience of HockeyPuck against this attack.”
We have tried many times to install and configure HockeyPuck in our machines and cloud machines, but never succeed.
As recommended by some contributors, we used Docker for the installation process, and the scripts associated to that also deal with the automatic configuration and installation of Postgresql, Nginx and Prometheus. So we did no more than running all the scripts correctly and then using docker compose (after having downloaded the keys).
We also tried with the snap in the snap store, but never succeed also with that.
We used mainly Virtualbox with Ubuntu installed (we used at first the last version, then we tried also with 20.04), but never succeed.
We have followed the documentation on Github and on the old HockeyPuck page made by Casey Marshall (no more maintained), but the results never changed.
We wrote also issues on the Github repo, but the answers were not useful to complete the deployment.
Our teacher have recommended to wrote you an email, since you are the community referencing to HockeyPuck, to ask some help for the configuration process, in particular we are searching for some detailed guidelines (and also updated sources, if needed) both for the installation and the usage.
I cordially thank you in advance for the help.
Best Regards.

Michele Marazzi
reply via email to
[Prev in Thread] Current Thread [Next in Thread]