fsebugoutzone.org:9999

       Post 2068647 by jasonscheirer@knzk.me
 (DIR) More posts by jasonscheirer@knzk.me
 (DIR) Post #2065343 by Gargron@mastodon.social
       2018-12-18T00:22:01Z
       
       0 likes, 0 repeats
       
       Helping bring knzk.me back to life...
       
 (DIR) Post #2065344 by thegibson@hackers.town
       2018-12-18T00:22:59Z
       
       0 likes, 0 repeats
       
       @Gargron it looked very odd the other day... nothing in queues...I am concerned about the agressiveness of the SSL inspection on their Fortigate.
       
 (DIR) Post #2065389 by staticsafe@mastodon.zombocloud.com
       2018-12-18T00:22:23Z
       
       0 likes, 0 repeats
       
       @Gargron what is wrong with it?
       
 (DIR) Post #2065390 by Gargron@mastodon.social
       2018-12-18T00:24:43Z
       
       0 likes, 0 repeats
       
       @staticsafe A couple things. If my understanding of the events is correct, the security fix that rate-limits failures in signature verification by source IP backfired on knzk.me because their Puma does not see the real IP address (proxy misconfig). In search of solution, they reset all RSA keys as well, wherein I discovered a bug in the tootctl command that does that, so the accounts were advertising one public key, while signing with another.
       
 (DIR) Post #2065391 by Gargron@mastodon.social
       2018-12-18T00:27:34Z
       
       0 likes, 0 repeats
       
       @staticsafe I have run another update on the public_key column to source it from the actual keypair, and given them a patch to (temporarily) undo the IP-based fix. In a day or more the accounts should be considered stale, and key caches on other servers should update and fix themselves. To check that it worked, I manually updated key caches on mastodon.social, and was able to successfully communicate with knzk.me
       
 (DIR) Post #2065392 by thegibson@hackers.town
       2018-12-18T00:29:23Z
       
       0 likes, 0 repeats
       
       @Gargron @staticsafe That explains what I saw!excellent work by the creator... we can all learn here.
       
 (DIR) Post #2065453 by lain@kawen.space
       2018-12-18T00:33:41.855240Z
       
       0 likes, 0 repeats
       
       @Gargron (wake me up) wake me up inside!
       
 (DIR) Post #2068641 by burgin@jorts.horse
       2018-12-18T01:03:59Z
       
       1 likes, 0 repeats
       
       @Gargron thank you eugen, it&#39;s kind of you to help and i appreciate your efforts.
       
 (DIR) Post #2068647 by jasonscheirer@knzk.me
       2018-12-18T01:38:54Z
       
       1 likes, 0 repeats
       
       @Gargron I’d be fascinated to see a post-mortem for the fix