DOKK / manpages / debian 10 / gpg-wks-server / gpg-wks-server.1.en
GPG-WKS-SERVER(1) User Commands GPG-WKS-SERVER(1)

gpg-wks-server - Server for the Web Key Service

gpg-wks-server [COMMAND] [OPTIONS] [ARGS]

gpg-wks-server is a server for the Web Key Service. It can handle incoming mails with the --receive command.

See the EXAMPLES section for procmail and crontab configurations.

You also need a webserver configured to alias requests to /.well-known/openpgp/ and below to the /var/lib/gnupg/wks/<wkd-domain>/ directory.

Receive a submission or confirmation.
Run regular jobs.
List configured domains, and checks some file and directory permissions.
Show program version and some meta information.
Output a short usage information.
Print warranty information.
Dump all available options and commands.

Enable verbose output.
Be somewhat more quiet.
Send the mail using sendmail.
Write the mail to FILE.
Use ADDR as the default sender.
Add "NAME: VALUE" as header to all mails.
Can be used to add a header for loop detections, see procmail example.
Set debugging flags. All flags are or-ed and flags may be given in C syntax (e.g. 0x0042) or as a comma separated list of flag names. To get a list of all supported flags the single word "help" can be used.
Use the specified command instead of gpg.

/var/lib/gnupg/wks/
Contains a subdirectory for each domain to run the server for. Each subdirectory is supposed to contain what should show up on https://.../.well-known/openpgp/.
The user running gpg-wks-server needs write access to these subdirectories.

Store received emails in ~/Mail/ (create it manually first), uses From: key-submission@example.com and X-WKS-Loop: example.com as loop detection:

MAILDIR=$HOME/Mail
LOGFILE=$HOME/Mail/from
LOCKFILE=$HOME/Mail/.lockmail
VERBOSE=yes
# filter out FROM_DAEMON mails (bounces, ...) into separate mailbox
:0
* ^FROM_DAEMON
from-daemon/
# archive (copy!) all "normal" mails
:0 c
archive/
# if not in a loop: handle mails with gpg-wks-server
:0 w
* !^From: key-submission@example.com
* !^X-WKS-Loop: example.com
|gpg-wks-server -v --receive \


    --header X-WKS-Loop=example.com \


    --from key-submission@example.com --send
# if handling failed: store in separate mailbox
:0 e
cruft/










In case procmail is not used automatically the following
    ~/.forward file might be useful:






"|exec /usr/bin/procmail || exit 75"






The double quotes are supposed to be included in the file!










You should run the --cron command once a day. Edit the
    crontab with






crontab -e






and append the following line:






42 3 * * * gpg-wks-server --cron

















  

  
Latest draft for the Web Key Service protocol:
      <https://tools.ietf.org/html/draft-koch-openpgp-webkey-service>

  

  
GnuPG on Web Key Service: <https://wiki.gnupg.org/WKS>
    

  










Please report bugs to <https://dev.gnupg.org>.










Copyright © 2017 Free Software Foundation, Inc. License
    GPLv3+: GNU GPL version 3 or later
  <https://gnu.org/licenses/gpl.html>


This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.


This manpage was written by Stefan Bühler for the
    Debian distribution (but may be used by others).







  

    May 2017
    gpg-wks-server (GnuPG) 2.1.20