Re: [Monotone-devel] private key needed for sync?


From: Brian Campbell
Subject: Re: [Monotone-devel] private key needed for sync?
Date: Tue, 7 Jun 2005 13:53:46 -0400

You need to have a key in the server so the client can make sure it's connecting to the right server. Otherwise, someone could set up a bogus server so when you sync to it, all of your private code is sent to the malicious server.

I would recommend creating a separate key for your server, because your server key will be sitting around decrypted within the server process, and so if there's some bug that allows someone to read that process's memory, your key that is used to sign revisions would be compromised. If you use a separate key, you can choose to only trust that key for talking with the server, and trust your own key for signing certs, so in the case of a compromise, not all is lost.

As far as one database per project, you can either do that on the server, in which case as you say you would have to run separate server instances on separate ports, or you can have the server just have one big database with all of the projects, and then have individual databases for the individual projects that sync with the server periodically or whenever people feel like it. If the reason for having per-project databases is that you want people to be able to access their own database, then this is a better idea, as it means you don't need to stop the server to work on the individual database.

By the way, it looks like you've named your collection marocode. It would probably be better to follow the reverse domain name naming convention, so it would be cz.matfyz.zw.marocode or cz.cuni.marocode or whatever domain it is you want to use. We discussed possibly moving to a URL-like convention, like zw.matfyz.cz/marocode, but that hasn't happened yet because the slash conflicts with the slash used in the selector syntax.

On Jun 7, 2005, at 1:12 PM, Zbynek Winkler wrote:

Hello,

I was following the tutorial, created a database, imported some files, committed work, etc.

Now I want to set up an always-on server to exchange my work with others. I went to section "2.7 Network Service". I figured that I need to create an empty database and import pubkeys of all people I'd like to give access to. I've imported only my pubkey so far. I've created the .monotone/monotonerc file with the three hooks as suggested. Then I tried to run the "serve" command but got the following error:

address@hidden:~/.monotone$ monotone --db=./marocode.db serve matforge.ms.mff.cuni.cz marocode
monotone: misuse: could not guess default signing key

The --debug command says:

monotone: executing serve command
monotone: db.fetch("SELECT id from 'private_keys'")
monotone: commands.cc:1998: usage constraint 'N(guess_default_key (key, app))' violated
monotone: misuse: could not guess default signing key

Why do I need a private key in the database? I do not intend to commit any work to this database. Is it used for anything else?

Zbynek

PS. I'd like to add monotone to our gforge setup but it seems it is not as straightforward :(. I'd like to have one database per project so that each project can easily manipulate it. It seems that in order to do that I'd have to start multiple instances of monotone serve using different ports. Is that true? I'd also have to use the --norc and --rcfile options to configure it, right? That seems kind of awkward :(

--
http://zw.matfyz.cz/     http://robotika.cz/
Faculty of Mathematics and Physics, Charles University, Prague, Czech Republic
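As an added illustration of the split-trust setup Brian recommends (this is example code written for this page, not from the thread or from the monotone project), here is what the server's monotonerc could look like when the serve process holds its own key and that key is never trusted for cert signing. The hook names and signatures get_netsync_read_permitted(collection, identity), get_netsync_anonymous_read_permitted(collection), get_netsync_write_permitted(collection, identity) and get_revision_cert_trust(signers, id, name, value) are assumed from the 2005-era "2.7 Network Service" and trust-hook documentation; the key identities are constructed placeholders.

```lua
-- Example monotonerc for the serving database (added illustration, not from
-- the thread or the monotone manual). Hook names/signatures are assumed from
-- the 2005-era documentation; key identities are constructed placeholders.

-- The key the "serve" process holds decrypted in memory for the whole time
-- it runs. It exists only so clients can verify they reached the real
-- server; it is deliberately NOT a developer key.
server_key = "server@example.invalid"

-- Developer keys: these are the only identities allowed to sync, and the
-- only ones whose certs this database will trust.
developer_keys = {
  ["zbynek@example.invalid"] = true,
  ["brian@example.invalid"]  = true,
}

local function is_developer(identity)
  return identity ~= nil and developer_keys[identity] == true
end

-- Who may pull from the server. The server key is not in the developer set,
-- so a client presenting a stolen server key gets nothing.
function get_netsync_read_permitted(collection, identity)
  return is_developer(identity)
end

-- Refuse anonymous pulls: private code must not be readable without a key.
function get_netsync_anonymous_read_permitted(collection)
  return false
end

-- Who may push to the server.
function get_netsync_write_permitted(collection, identity)
  return is_developer(identity)
end

-- Cert trust: a cert is trusted only if at least one signer is a developer
-- key. Because server_key is excluded, leaking the serve process memory
-- lets an attacker impersonate the server at most, not forge trusted certs.
function get_revision_cert_trust(signers, id, name, value)
  for _, signer in pairs(signers) do
    if developer_keys[signer] then
      return true
    end
  end
  return false
end
```

With two private keys in the server database, monotone can no longer guess a default signing key, so the server is started with the server key named explicitly (the --key option is assumed here), while the developers' own databases hold only their own private keys and use the same get_revision_cert_trust rule. The asymmetry is the whole point: the server key buys authentication of the server, and nothing else, so a compromise of the long-running serve process does not turn into a compromise of the project's history.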