Note: These instructions are for version 2 of the Perspectives Server software, and are now out of date. We will be releasing an updated guide with the next release, version 3.2. For now please see the Perspectives Serve README for up-to-date instructions, or feel free to contact us on the mailing list.
The Good News: it’s now even easier to run a Perspectives Server and you don’t need to install or use the ‘psv-admin’ package. Simply running the server will automatically create a key pair and set up the database if required!
Amazon Web Services (AWS) let’s you easily create a server in the “cloud”. In fact, they even let you run a “micro” instance for free, thanks to something call the “free usage tier”
This post will show you how you can get your own notary running in just 15 minutes using AWS.
First, read about the free usage tier and sign up for an AWS account: http://aws.amazon.com/free/
Then, access the AWS management console to create an instance: http://aws.amazon.com/console/
Click on the “EC2” tab near the top left of the screen, then click the “Launch Instance” button in the main window pane.
Choose an Ubuntu server AMI by clicking on the “Community AMIs” tab and finding a matching image. Here are a couple things to keep in mind:
- Make sure the image is free tier eligible (denoted by a yellow star).
- I use an image with a “Root Store” of “ebs”, as this means that even if this particular instance dies, I can spin up a new instance and reattach the same disk.
- 64-bit image is suggested.
- I’ve done most of my testing on Ubuntu Maverick (10.10), but other recent Ubuntu platforms should work as well. You can see the exact version for an image by reading the “Manifest” field.
In the “U.S East” region, an AMI that matches these criteria is: ami-cef405a7
Select your AMI, and keep the default “Micro” instance.
You will need amazon to create a SSH keypair, which will automatically be “injected” into the instance, allowing you to access the instance remote without a password. Give this key a name (e.g., notary) and download it to you filesystem.
After downloading the key, make sure it is only accessible to your user:
Now you can access your machine remotely. Click on “Instances” in the left panel and select your instance’s row in the main pane and view the details box at the bottom. Note the “Public DNS” field, as this is how you will access the machine remotely. For example, run:
Now your notary is up and running! It will respond to notary requests on port 8080 . To see the public key the notary uses to sign all requests, run:
This is the public key that can be provided to a Perspectives client to authentic the notary response. The server code comes with a simple client for you to test. To query a website to monitor (called a “service-id” with Perspectives), specify it using the form ::2. For example for http://www.google.com, run:
The first time this you query the notary server, it will not know about a service and will return a 404 error, as the notary -server will launch an “on-demand” probe for that service. Wait a couple seconds and run the same command again and it should succeed.
A new version of the Perspectives Firefox Client will soon be released that will let you use your own notary servers as well.
By default, this notary server will run a scan of all known service-ids twice a day, as configured using crontab. You can manually run a scan of all services at any point by running: