summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJameson Graef Rollins <jrollins@phys.columbia.edu>2008-08-13 15:31:52 -0700
committerJameson Graef Rollins <jrollins@phys.columbia.edu>2008-08-13 15:31:52 -0700
commit5c1046f14ff2e1efda332aa07747661abca0b98f (patch)
tree5ffba33f1ebf03321901da2202b49da71dbc2287
parent70674cae8b3d69d0e750125387b26c0d5857c5ba (diff)
parent48bdbc58cfe649c404240b629d9cef5134da5937 (diff)
Merge commit 'dkg/master'
-rw-r--r--doc/README2
-rw-r--r--doc/george/changelog4
-rw-r--r--src/common2
-rwxr-xr-xsrc/monkeysphere-server10
-rw-r--r--website/bugs/allow-publishing-to-public-keyservers.mdwn16
-rw-r--r--website/bugs/handle-passphrase-locked-secret-keys.mdwn83
-rw-r--r--website/bugs/missing-known_hosts-causes-error.mdwn8
-rw-r--r--website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn19
-rw-r--r--website/download.mdwn2
9 files changed, 138 insertions, 8 deletions
diff --git a/doc/README b/doc/README
index cf2f396..684f524 100644
--- a/doc/README
+++ b/doc/README
@@ -30,7 +30,7 @@ hosts are. This can be done with the monkeysphere-ssh-proxycommand
$ monkeysphere update-known_hosts
-This will command will check to see if there is an OpenPGP key for
+This command will check to see if there is an OpenPGP key for
each (non-hashed) host listed in the known_hosts file, and then add
the key for that host to the known_hosts file if one is found. This
command could be added to a crontab as well, if desired.
diff --git a/doc/george/changelog b/doc/george/changelog
index 93f00db..0790f65 100644
--- a/doc/george/changelog
+++ b/doc/george/changelog
@@ -7,6 +7,10 @@
* changes to this system (first command at top, last at bottom) *
******************************************************************************
+2008-08-13 - dkg
+ * aptitude update && aptitude full-upgrade
+ * restarted services to clear up dependencies on old libraries
+
2008-08-07 - dkg
* aptitude update && aptitude dist-upgrade
* removed debian's experimental from the sources.list
diff --git a/src/common b/src/common
index cbfa956..9c76bd1 100644
--- a/src/common
+++ b/src/common
@@ -73,7 +73,7 @@ file_hash() {
# character
# FIXME: undo all escape character translation in with-colons gpg output
unescape() {
- echo "$1" | sed 's/\\x3a/:/'
+ echo "$1" | sed 's/\\x3a/:/g'
}
# remove all lines with specified string from specified file
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 9e025f9..d9b8676 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -56,7 +56,7 @@ subcommands:
gpg-authentication-cmd CMD gnupg-authentication command
- help (h,?) this help
+ -h|--help|help (h,?) this help
EOF
}
@@ -236,7 +236,7 @@ gen_key() {
revoker=
# get options
- TEMP=$(getopt -o l:e:r: -l length:,expire:,revoker: -n "$PGRM" -- "$@")
+ TEMP=$(getopt -o e:l:r -l expire:,length:,revoker: -n "$PGRM" -- "$@")
if [ $? != 0 ] ; then
exit 1
@@ -372,10 +372,10 @@ publish_server_key() {
# FIXME: need to figure out better way to identify host key
# dummy command so as not to publish fakes keys during testing
# eventually:
- #gpg_authentication "--keyserver $KEYSERVER --send-keys $(hostname -f)"
+ #gpg_authentication "--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)"
echo "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development)."
echo "The following command should publish the key:"
- echo "monkeysphere-server gpg-authentication-cmd '--keyserver $KEYSERVER --send-keys $(hostname -f)'"
+ echo "monkeysphere-server gpg-authentication-cmd '--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)'"
exit 255
}
@@ -712,7 +712,7 @@ case $COMMAND in
gpg_authentication_cmd "$@"
;;
- 'help'|'h'|'?')
+ '--help'|'help'|'-h'|'h'|'?')
usage
;;
diff --git a/website/bugs/allow-publishing-to-public-keyservers.mdwn b/website/bugs/allow-publishing-to-public-keyservers.mdwn
new file mode 100644
index 0000000..c6c8057
--- /dev/null
+++ b/website/bugs/allow-publishing-to-public-keyservers.mdwn
@@ -0,0 +1,16 @@
+[[meta title="monkeysphere-server publish-key does not work"]]
+
+Currently, if you try to run `monkeysphere-server publish-key`, you
+can get the following output:
+
+ Really publish key to subkeys.pgp.net? (y/N) y
+ NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development).
+ The following command should publish the key:
+ monkeysphere-server gpg-authentication-cmd '--keyserver subkeys.pgp.net --send-keys foo.example.org'
+
+I think we've demonstrated that this system works enough to warrant
+using the public keyserver infrastructure.
+
+I suggest that we should actually enable this feature explicitly.
+(leaving in the prompt is fine, though it would be nice to be able to
+`--force` it or something).
diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
new file mode 100644
index 0000000..a61b5ba
--- /dev/null
+++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
@@ -0,0 +1,83 @@
+[[meta title="MonkeySphere needs to be able to cleanly export passphrase-locked secret keys from the GPG keyring"]]
+
+At the moment, the only tool we have to export passphrase-locked
+secret keys from the GPG keyring is `gpg` itself (and `gpg2`, which
+has roughly the same behavior).
+
+As a result, we have the `seckey2sshagent` hack, which is unfriendly
+and awkward to use.
+
+Ideally, `openpgp2ssh` would be able to convert passphrase-locked
+secret keys into clean subkeys. However, i've tried to do this via
+GnuTLS, and that library is not ready for this.
+
+OpenCDK, which is the component of GnuTLS which reads OpenPGP-style
+keys, cannot cope with encrypted secret key material. I have had
+[some
+success](http://lists.gnu.org/archive/html/gnutls-devel/2008-06/msg00092.html)
+in getting GnuTLS's OpenCDK to accept the existence of encrypted
+secret key packets, [i learned that OpenCDK as included in GnuTLS is
+incapable of dealing with the encrypted packets
+themselves](http://lists.gnu.org/archive/html/gnutls-devel/2008-07/msg00012.html).
+
+
+Some possible resolutions:
+
+---------
+
+If we can assume that the passphrase-encrypted key we want to use is
+actually a subkey, and if we could fix GnuTLS to ignore the use of the
+"gnu-dummy S2K" produced by `gpg --export-secret-subkeys` for the
+primary key, then something like the following script should actually
+work for reasonable values of `$KEYID`:
+
+ TMPDIR=$(mktemp -d)
+ uname 077
+ mkfifo "$TMPDIR/passphrase"
+ kname="MonkeySphere Key $KEYID"
+ mkfifo "$TMPDIR/$kname"
+ ssh-agent "Please enter the passphrase for MonkeySphere key $KEYID" >"$TMPDIR/passphrase" &
+ gpg --passphrase-fd 3 3<"$TMPDIR/passphrase" --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes --export-secret-subkeys "$KEYID"\! | openpgp2ssh "$KEYID" > "$TMPDIR/$kname"
+ (cd "$TMPDIR" && ssh-add -c "$kname")
+ rm -rf "$TMPDIR"
+
+---------
+
+Ben Laurie and Rachel Willmer's
+[OpenPGPSDK](http://openpgp.nominet.org.uk) is a candidate: this is a
+C-based library that intends to implement RFC 4880 functionality.
+
+We could potentially re-write `openpgp2ssh` using this library, and it
+*should* be able to handle everything we need from the OpenPGP side
+(though it might need to be re-linked to OpenSSL to handle PEM-encoded
+exports.
+
+Concerns:
+
+* OpenPGPSDK is not in debian yet, and doesn't currently (2008-08-13)
+ build with gcc 4.2 or 4.3.
+
+* OpenPGPSDK uses the apache license and appears to link to OpenSSL,
+ which has a GPL-incompatible license. I think this would mean that
+ `openpgp2ssh` could not remain GPL (though the rest of the
+ monkeysphere could).
+
+---------
+
+We could try to use perl. The last time i checked, the pure-perl
+OpenPGP implementations all depended on Math::PARI, which [is not in
+debian](http://bugs.debian.org/440527). The most likely candidate is
+[Crypt::OpenPGP](http://search.cpan.org/~btrott/Crypt-OpenPGP),
+despite [some
+bugginess](http://cpanratings.perl.org/dist/Crypt-OpenPGP).
+
+Concerns:
+
+* the aforementioned buggy reviews
+
+* there's a lot of dependency chasing to get anything like this
+ available in debian.
+
+---------
+
+Other alternatives?
diff --git a/website/bugs/missing-known_hosts-causes-error.mdwn b/website/bugs/missing-known_hosts-causes-error.mdwn
new file mode 100644
index 0000000..8f4e27c
--- /dev/null
+++ b/website/bugs/missing-known_hosts-causes-error.mdwn
@@ -0,0 +1,8 @@
+[[meta title="Missing `~/.ssh/known_hosts` file causes errors from monkeysphere-ssh-proxycommand"]]
+
+As a user, if you don't have a `~/.ssh/known_hosts` file,
+`monkeysphere-ssh-proxycommand` produces some bogus output, like:
+
+ cat: /home/foo/.ssh/known_hosts: No such file or directory
+
+this should be fixable with a simple test.
diff --git a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn
new file mode 100644
index 0000000..5a4b946
--- /dev/null
+++ b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn
@@ -0,0 +1,19 @@
+[[meta title="Reorganize monkeysphere-server shortcuts"]]
+
+Currently, `monkeysphere-server` supports three subcommands to adjust
+the "identity certifiers":
+
+* `add-identity-certifier` (`a`)
+* `remove-identity-certifier` (`r`)
+* `list-identity-certifier` (`l`)
+
+Since [we also want to be able to add/remove multiple
+hostnames](multiple-hostnames), i think we should change the shortcuts
+from `a`, `r`, and `l` to `c+`, `c-`, and `c`.
+
+This would let us create new subcommands like:
+
+* `add-host-name` (`n+`)
+* `revoke-host-name` (`n-`)
+* `list-host-names` (`n`)
+
diff --git a/website/download.mdwn b/website/download.mdwn
index f215f80..982f88f 100644
--- a/website/download.mdwn
+++ b/website/download.mdwn
@@ -32,7 +32,7 @@ The git repo from this web site:
[Daniel Kahn Gillmor](http://cmrg.fifthhorseman.net/wiki/dkg):
- git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere
+ git clone git://lair.fifthhorseman.net/~dkg/monkeysphere monkeysphere
## Contact ##