================================================================================

      OpenKeyServer quick step-by-step installation instructions

      Please refer to the HTML document in the /info directory for 
      detailled instruction about configuring your keyserver.

      Copyright (c) 1999 Highware, Inc. All rights reserved.

================================================================================


Installing the OpenKeyServer

To install the server on your system, you must first uncompress and extract
the files from your distribution archive. These operations can be done via
the following commands:

>  # gunzip oks.<distribution-version-number>.tar.gz
>
>  # tar xf oks.<distribution-version-number>.tar

This will create the directory oks.<distribution-version-number> containing
the following files under the current directory:

>  oks.<distribution-version-number>/
>
>  oks.<distribution-version-number>/CHANGES
>
>  oks.<distribution-version-number>/INSTALL
> 
>  oks.<distribution-version-number>/LICENCE
>
>  oks.<distribution-version-number>/README
>
>  oks.<distribution-version-number>/oks-<distribution-version-number>.tar
>
>  oks.<distribution-version-number>/oks_install

Then start the oks_install shell script to install and configure the server.
The texts between square brackets are configuration values guessed by the
script.

>  # ./oks_install
>
>  OpenKeyServer installation utility
>
>  Please enter distribution file: [oks-<distribution-version-number>.tar]
>
>  Please enter installation directory: [/usr/local/oks]
>
>  "/usr/local/oks" not found. Do you want to create it ? [Yes]
>
>  Installing distribution in /usr/local/oks...

At this point, the installation directory contains the keyserver and its
gateways without any database. The script begins by configuring some general
information about the server.

>  Configuring OpenKeyServer
>
>  What is your company name ?
>  This name will be used inside your web pages in
>  order to personalize your OpenKeyServer.
>  Company name :

You must enter here the name of your company. It will be used inside your
configuration files and web pages to personalize your server responses.

>  What is the email address of this keyserver administrator ?

Enter here this email address. This address will also be used into your web
pages as a point of contact for your users.

The script continues now by configuring the OKS database:

>  Configuring OpenKeyServer Database Server
>
>  Bind address: [127.0.0.1]

Enter here the IP address of the database. By default, it listens only on
the localhost address because the gateways are often located on the same
machine. If you want the OKS database server be accessible by other machines
on your network, specify here your host network address ( or 0.0.0.0 to
listen on all addresses ).

>  Bind port: [11372]

Enter here the OKS database server port number. By default and for
simplicity, we use the next port following the common keyserver port number.

>  Syslog facility: [local0]

The keyserver processes use the standard unix syslog service to log their
messages for smoother integration with common network management tools. Here
you can specify which facility the process will use.  Please refer to the
syslog.conf man page for more information about configuring syslog. The
facility can be one of the following: auth, authpriv, cron, daemon, kern,
lpr, mail, news, security, syslog, user, uucp, and local0 through local7.

>  Database name: [sample]

Type here the name you want to give to your database. This is this name
which must be used for further references to your database.

>  Database directory: [/usr/local/oks/var/db]

Your OKS database server is now configured. The installation script
continues now by configuring your gateways.

Configuring OpenKeyServer HTTP gateway

>  Bind address: [0.0.0.0]

Enter here the IP address of the HTTP gateway. By default, it listens on all
the ip addresses of your machine, but some sites would want to restrict it
to only one address.

>  Bind port: [11371]

Common keyservers listen on port 11371. If you want, you can change it here.
Please note that on Unix systems, listening on port lower than 1024 requires
root privileges.

>  Syslog facility: [local0]

The keyserver processes use the standard unix syslog service to log their
messages for smoother integration with common network managing tools. Here
you can specify which facility the process will use.  Please refer to the
syslog.conf man page for more information about configuring syslog. The
facility can be one of the following: auth, authpriv, cron, daemon, kern,
lpr, mail, news, security, syslog, user, uucp, and local0 through local7.

>  SMTP server: [mail.<your-domain-name>]

The OKS HTTP gateway needs an SMTP server to send its synchronization
requests. The script tries to guess it but if you want you can specify here
your SMTP server fully qualified name or IP address.

>  What is the base URL of your web server ?
>  Your OpenKeyServer HTTP gateway is provided with a set of web pages you
>  can store on your web server in order to access it through any web browser.
>  This base URL will be used to build links between different web pages and
>  must not contain any reference to any file. Valid base URLs are for instance
>  http://www.some.site.edu and http://www.some.site.edu/keyserver
>  Note that the trailing / must not be introduced.
>  When the installation is done, don't forget to copy the directories located in
>  /usr/local/oks/share/webpages on your web server.
>  Base URL: [http://www.<your-domain-name>]

Enter here this base URL without the trailing /. This field is required, but
the installation script tries to guess it with the help of your machine
name. At this point, it is necessary you introduce the correct one,
otherwise you will have to modify the keyserver web pages by hand. Note that
even if you do not want to use the web site provided in this distribution,
specifying a URL here will allow the pages generated by the HTTP gateway to
reference pages into your current web site.

>  Configuring OpenKeyServer SMTP gateway
>
>  POP3 server: [mail.<your-domain-name>]

The OKS SMTP gateway works by polling from time to time a mailbox located on
a mail server and, to access this server, the process uses the POP3
protocol. The script tries to guess it but if you want you can specify here
your mail server fully qualified name or IP address.

>  POP3 login:
>
>  POP3 password:

In order to access the keyserver's mailbox, you will need a POP3 login and
password; please enter here this information.

>  Mailbox polling interval (in seconds) : [120]

Here you can specify the interval between two checks on the mailbox to
process its messages. This delay is specified in seconds.

>  Syslog facility: [local0]

The keyserver processes use the standard unix syslog service to log their
messages for smoother integration with common network managing tools. Here
you can specify which facility the process will use.  Please refer to the
syslog.conf man page for more information about configuring syslog. The
facility can be one of the following: auth, authpriv, cron, daemon, kern,
lpr, mail, news, security, syslog, user, uucp, and local0 through local7.

>  SMTP server: [mail.<your-domain-name>]

The OKS SMTP gateway needs an SMTP server to send its synchronization
requests. The script tries to guess it but if you want you can specify here
your SMTP server fully qualified name or IP address.

Your OpenKeyServer gateways are now configured. The installation script
continues now by configuring the synchronization of your keyserver with
other ones.

>  Email address of this keyserver: [pgp-keys@<your-domain-name>]

Keyservers still synchronize through an email-based protocol. It means that
each keyserver has one email address to communicate with the others. Enter
it here and create if needed this email account on your mail server.

>  Email address for synchronization errors: [root@<your-domain-name>]

In case of errors, the mail server has to send back the mail message to
someone. Specify here the email address of this person.

>  Email addresses of keyservers to synchronize with:

If you want your server to synchronize with other sites, enter here a list
of email addresses separated by spaces.

>  Saving OpenKeyServer configuration parameters... Please wait
>
>  The web pages located in your directory /usr/local/share/webpages
>  are now configured. Don't forget to copy them to your web server directory.
>
>  Press enter...

You OKS database server and gateways are now configured. If you want, the
installation script can update your database with your PGP public keyrings.

>  Do you want to update the OpenKeyServer database now ? [yes]
>
>  Enter the path of the PGP public keyring to store:

Enter here the full path to a public PGP keyring to append to your database.
This procedure will continue until you don't specify any other one (just
press enter).

>  Database successfully created.

Your OpenKeyServer is now configured and installed on your system.

>  OpenKeyServer installation done !


--------------------------------------------------------------------------------
