Thank you for the procedure. For this specific user, he was helpful enough to include the keyids, so it is somewhat easier:
- Run the following command to get the keyIds for the blacklist to add:cat < fingerprints.txt | tr A-Z a-z | sed -e "s/^/'/" -e 's/$'"/'/" | tr \\012 ,; echo - Add them to the blacklist first (so they will not be resynced later) - Restart the hockeypuck server to reread the config file - Write the keyids to a file, "fingerprints.txt" - Run the following command to get the rfingerprints rev < fingerprints.txt | tr A-Z a-z | sed -e "s/^/'/" -e 's/$'"/'/" | tr \\012 , | sed 's/.$//'; echo - Run the following to SQL commands with <OUTPUT> replaced by the output of the above script delete from subkeys where rfingerprint in (<OUTPUT>); delete from keys where rfingerprint in (<OUTPUT>); The SQL command for this user (including his keyIDs) will be available for 30 days at https://onice.ch/s/46SJq9ELM9fnHgw . (Not included here, as I do not want to be responsible for his personal information to be archived by the list.) -Marcel Am Freitag, dem 27.05.2022 um 06:48 +0200 schrieb Alexandre Dulaunoy: > Hi All, > > Hockeypuck supports blacklists (from version 2.1.0) when you can list > all the fingerprint keys you want to avoid being synced. > > In addition, you can delete the keys from Hockeypuck (PostgreSQL > database). > > A key can be deleted from the SQL database in the following way: > > - Query the pks interface for the offending key, get the hash > fingerprint from Hockeypuck; > > - Connect to Postgresql via psql > > -select rfingerprint from keys where md5 in (<HASHFINGERPRINT>); > > - The returned rfingerprint can be used to delete to delete the > subkeys > delete from subkeys where rfingerprint in (<RFINGERPRINT>); > - When all subkeys are deleted. > - delete from keys where md5 in (<HASHFINGERPRINT>) > Don't forget to add the key in blacklist: > [hockeypuck.openpgp] > blacklist=[ > "KEYFINGERPRINT"] > I hope this helps. > > Blacklists -> https://github.com/hockeypuck/hockeypuck/releases > > On Fri, May 27, 2022 at 6:09 AM Allen Zhong <al...@atr.me> wrote: > > Maybe it would be possible for the server to maintain some sort of > > a > > "block list" and reject to receive those keys in the list and also > > not > > returning them to the client? I think that's possible but as it > > requires > > changes of the server software (hockeypuck and sks-server, etc.) > > it's > > not likely to be a quick one. > > > > On 2022/5/27 11:01, Ced wrote: > > > If anyone has an idea to prevent the collapse of the few > > remaining SKS > > > keyservers, please let us know otherwise we'll have to take down > > our > > > server too pretty soon :( > >
