There are a number of public PGP key servers out there, but if we wanted to make sure we had some level of trust, we wanted to maintain and control our own key server. Well it turns out that in Ubuntu, setting up a PGP/GPG key server is just as easy as setting up PGP/GPG in general.Just do the following:
- Install the sks package>sudo apt-get install sks
- Build the key database>sudo sks build
- Set database permissions>sudo chown -Rc debian-sks:debian-sks /var/lib/sks/DB
- Set the server to start automatically at bootset initstart=yes in /etc/default/sks
- Start the service >sudo /etc/init.d/sks start
That is it! Now your server is listening on port 11371 for key requests. You can now send and retrieve keys to and from the server using your favorite key manager!
If that is not good enough for you, then you can also add a web interface to handle your key searches and requests. To do that you will need to install Apache:
>sudo apt-get install apache2
Once installed create a directory called www in /var/lib/sks/. Download the index.html and keys.jpg file you will need here: (OpenSKS Web Interface)
Extract the contents to /var/lib/sks/www/. Edit index.html and change the three references to your.site.name (currently at lines 20, 36 & 62) to the url of your keyserver, for example keys.bauer-power.net. Now set the correct permissions on that directory: >sudo chown -R debian-sks:debian-sks /var/lib/sks/www
Now if you browse to http://your.server.name:11371 you will see a nice, user-friendly web interface for doing public key exchanges!