freedombone/doc/EN/app_keyserver.org

#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, keyserver
#+DESCRIPTION: How to use KEYSERVER
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />

#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER

#+BEGIN_EXPORT html
<center>
<h1>OpenPGP Key Server</h1>
</center>
#+END_EXPORT

#+BEGIN_CENTER
[[file:images/keyserver.jpg]]
#+END_CENTER

The usual way in which you obtain GPG public keys for email encryption or other purposes is via a key server. There are a few common ones out there, but it's also possible to run your own key server.

* Installation

ssh into the system with:

#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC

Select *Add/Remove Apps* then *keyserver*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /keys.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.

After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for the Key server. If the certificate is obtained successfully then you will see a congratulations message.

* How to use it
Interaction with the web user interface is pretty minimal and obvious, but most likely you will also want to be able to use your keyserver from the commandline. To do that use the *--keyserver* option:

#+begin_src bash
gpg --keyserver [your keyserver domain] --search-keys [email address]
#+end_src