I’m a student of the Politecnico di Milano university and I’m proceeding in my road to the master degree in computer science and engineering.
I have inserted in my academic plan a course called “Cryptography and architectures for computer security” in which the teacher proposed some projects concerning the argument of the course.
In particular one project is about HockeyPuck and this captured the interests of me and a colleague of mine.
“HockeyPuck (https://hockeypuck.io/) is a recent reimplementation of the traditional SKS keyserver software, employed to build a distributed storage for openPGP certificates. The synchronization mechanism between keyservers may lead to split-world scenarios if a malicious upload is performed.
The purpose of this project is to test the resilience of HockeyPuck against this attack.”
We have tried many times to install and configure HockeyPuck in our machines and cloud machines, but never succeed.
As recommended by some contributors, we used Docker for the installation process, and the scripts associated to that also deal with the automatic configuration and installation of Postgresql, Nginx and Prometheus. So we did no more than running all the scripts correctly and then using docker compose (after having downloaded the keys).
We also tried with the snap in the snap store, but never succeed also with that.
We used mainly Virtualbox with Ubuntu installed (we used at first the last version, then we tried also with 20.04), but never succeed.
We have followed the documentation on Github and on the old HockeyPuck page made by Casey Marshall (no more maintained), but the results never changed.
We wrote also issues on the Github repo, but the answers were not useful to complete the deployment.
Our teacher have recommended to wrote you an email, since you are the community referencing to HockeyPuck, to ask some help for the configuration process, in particular we are searching for some detailed guidelines (and also updated sources, if needed) both for the installation and the usage.
I cordially thank you in advance for the help.