author | Micah Anderson <micah@riseup.net> | 2008-06-18 23:35:20 -0400
---|---|---
committer | Micah Anderson <micah@riseup.net> | 2008-06-18 23:35:20 -0400
commit | 308aa104f66a40f2426c13b96f48631937502f6b (patch) |
tree | 55e1b1427ba23750b0c239e5d43fc3ffa49b0293 /man |
parent | a9a56853a27e1dbce3c48af327b0adff0e4c38e0 (diff) |
parent | 9c94e937fbe8beb56956365cac07d6eff45215cd (diff) |
Merge commit 'dkg/master'
Conflicts:
doc/MonkeySpec
Diffstat (limited to 'man')
-rw-r--r-- | man/man1/monkeysphere-ssh-proxycommand.1 | 41
-rw-r--r-- | man/man1/monkeysphere.1 | 113
-rw-r--r-- | man/man1/openpgp2ssh.1 | 91
-rw-r--r-- | man/man8/monkeysphere-server.8 | 83
4 files changed, 328 insertions, 0 deletions
diff --git a/man/man1/monkeysphere-ssh-proxycommand.1 b/man/man1/monkeysphere-ssh-proxycommand.1 new file mode 100644 index 0000000..5fabb91 --- /dev/null +++ b/man/man1/monkeysphere-ssh-proxycommand.1 @@ -0,0 +1,41 @@ +.TH MONKEYSPHERE-SSH-PROXYCOMMAND "1" "June 2008" "monkeysphere 0.1" "User Commands" + +.SH NAME + +monkeysphere-ssh-proxycommand \- MonkeySphere ssh ProxyCommand script + +.SH DESCRIPTION + +\fBmonkeysphere-ssh-proxy\fP is an ssh proxy command that can be used +to trigger a monkeysphere update of the known_hosts file for the hosts +that are being connected to. It is meant to be run as an ssh +ProxyCommand. This can either be done by specifying the proxy command +on the command line: + +.B ssh -o ProxyCommand="monkeysphere-ssh-proxycommand %h %p" ... + +or by adding the following line to your ~/.ssh/config script: + +.B ProxyCommand monkeysphere-ssh-proxycommand %h %p + +The script is very simple, and can easily be incorporated into other +ProxyCommand scripts. It first tests to see if the host is in the +known_hosts file. If it's not, the CHECK_KEYSERVER variable is set to +true and "update-known_hosts" is run for the host to check for a host +key for that host. If the host is found in the known_hosts file, +CHECK_KEYSERVER is set to false and "update-known_hosts" is run to +update from the local keychain. + +Run the following command for more info: + +.B less $(which monkeysphere-ssh-proxycommand) + +.SH AUTHOR + +Written by Jameson Rollins <jrollins@fifthhorseman.net> + +.SH SEE ALSO + +.BR monkeypshere (1), +.BR ssh (1), +.BR gpg (1) diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 new file mode 100644 index 0000000..a5b422c --- /dev/null +++ b/man/man1/monkeysphere.1 
@@ -0,0 +1,113 @@ +.TH MONKEYSPHERE "1" "June 2008" "monkeysphere 0.1" "User Commands" + +.SH NAME + +monkeysphere \- MonkeySphere client user interface + +.SH SYNOPSIS + +.B monkeysphere \fIcommand\fP [\fIargs\fP] + +.SH DESCRIPTION + +MonkeySphere is a system to leverage the OpenPGP Web of Trust for ssh +authentication and encryption. OpenPGP keys are tracked via GnuPG, +and added to the ssh authorized_keys and known_hosts files to be used +for authentication and encryption of ssh connection. + +\fBmonkeysphere\fP is the MonkeySphere client utility. + +.SH SUBCOMMANDS + +\fBmonkeysphere\fP takes various subcommands: +.TP +.B update-known_hosts [HOST]... +Update the known_hosts file. For each specified host, gpg will be +queried for a key associated with the host URI (see HOST URIs), +querying a keyserver if specified. If a key is found, it will be +converted to an ssh key, and any matching ssh keys will be removed +from the user's known_hosts file. If the found key is acceptable (see +KEY ACCEPTABILITY), then the key will be updated and re-added to the +known_hosts file. If no gpg key is found for the host, then nothing +is done. If no hosts are specified, all hosts listed in the +known_hosts file will be processed. `k' may be used in place of +`update-known_hosts'. +.TP +.B update-userids [USERID]... +Add/update a user ID to the authorized_user_ids file. The user IDs +specified should be exact matches to OpenPGP user IDs. For each +specified user ID, gpg will be queried for a key associated with that +user ID, querying a keyserver if specified. If a key is found, the +user ID will be added to the user's authorized_user_ids file (if it +wasn't already present). `u' may be used in place of +`update-userids'. +.TP +.B remove-userids [USERID]... +Remove a user ID from the authorized_user_ids file. The user IDs +specified should be exact matches to OpenPGP user IDs. `r' may be +used in place of `remove-userids'. 
+.TP +.B update-authorized_keys +Update the monkeysphere authorized_keys file. For each user ID in the +user's authorized_user_ids file, gpg will be queried for keys +associated with that user ID, querying a keyserver if specified. If a +key is found, it will be converted to an ssh key, and any matching ssh +keys will be removed from the user's authorized_keys file. If the +found key is acceptable (see KEY ACCEPTABILITY), then the key will be +updated and re-added to the authorized_keys file. If no gpg key is +found for the user ID, then nothing is done. `a' may be used in place +of `update-authorized_keys'. +.TP +.B gen-subkey KEYID +Generate an `a` capable subkey. For the primary key with the +specified key ID, generate a subkey with "authentication" capability +that can be used for MonkeySphere transactions. `g' may be used in +place of `gen-subkey'. +.TP +.B help +Output a brief usage summary. `h' or `?' may be used in place of +`help'. + +.SH HOST URIs + +Host OpenPGP keys have associated user IDs that use the ssh URI +specification for the host, ie. "ssh://host.full.domain". + +.SH KEY ACCEPTABILITY + +GPG keys are considered acceptable if the following criteria are met: +.TP +.B capability +For host keys, the key must have both the "authentication" ("a") and +"encrypt" ("e") capability flags. For user keys, the key must have +the "authentication" ("a") capability flag. +.TP +.B validity +The key must be "fully" valid, and must not be expired or revoked. + +.SH FILES + +.TP +~/.config/monkeysphere/monkeysphere.conf +User monkeysphere config file. +.TP +/etc/monkeysphere/monkeysphere.conf +System-wide monkeysphere config file. +.TP +~/.config/monkeysphere/authorized_user_ids +OpenPGP user IDs associated with keys that will be checked for +addition to the authorized_keys file. +.TP +~/.config/monkeysphere/authorized_keys +Monkeysphere generated authorized_keys file. 
+ +.SH AUTHOR + +Written by Jameson Rollins <jrollins@fifthhorseman.net> + +.SH SEE ALSO + +.BR monkeysphere-ssh-proxycommand (1), +.BR monkeysphere-server (8), +.BR ssh (1), +.BR gpg (1) diff --git a/man/man1/openpgp2ssh.1 b/man/man1/openpgp2ssh.1 new file mode 100644 index 0000000..bea1da5 --- /dev/null +++ b/man/man1/openpgp2ssh.1 
@@ -0,0 +1,91 @@ +.\" -*- nroff -*- +.Dd $Mdocdate: June 11, 2008 $ +.Dt OPENPGP2SSH 1 +.Os +.Sh NAME +openpgp2ssh +.Nd translate OpenPGP keys to SSH keys +.Sh SYNOPSIS +.Nm openpgp2ssh < mykey.gpg +.Pp +.Nm gpg --export $KEYID | openpgp2ssh $KEYID +.Pp +.Nm gpg --export-secret-key $KEYID | openpgp2ssh $KEYID +.Sh DESCRIPTION +.Nm +takes an OpenPGP-formatted primary key and associated +subkeys on standard input, and spits out the requested equivalent +SSH-style key on standard output. +.Pp +If the data on standard input contains no subkeys, you can invoke +.Nm +without arguments. If the data on standard input contains +multiple keys (e.g. a primary key and associated subkeys), you must +specify a specific OpenPGP keyid (e.g. CCD2ED94D21739E9) or +fingerprint as the first argument to indicate which key to export. +The keyid must be exactly 16 hex characters. +.Pp +If the input contains an OpenPGP RSA or DSA public key, it will be +converted to the OpenSSH-style single-line keystring, prefixed with +the key type. This format is suitable (with minor alterations) for +insertion into known_hosts files and authorized_keys files. +.Pp +If the input contains an OpenPGP RSA or DSA secret key, it will be +converted to the equivalent PEM-encoded private key. +.Pp +.Nm +is part of the +.Xr monkeysphere 1 +framework for providing a PKI for SSH. +.Sh CAVEATS +The keys produced by this process are stripped of all identifying +information, including certifications, self-signatures, etc. This is +intentional, since ssh attaches no inherent significance to these +features. +.Pp +.Nm +only works with RSA or DSA keys, because those are the +only ones which work with ssh. +.Pp +Assuming a valid key type, though, +.Nm +will produce output for +any requested key. This means, among other things, that it will +happily export revoked keys, unverifiable keys, expired keys, etc. +Make sure you do your own key validation before using this tool! 
+.Sh EXAMPLES +.Nm gpg --export-secret-key $KEYID | openpgp2ssh $KEYID | ssh-add -c /dev/stdin +.Pp +This pushes the secret key into the active +.Xr ssh-agent 1 . +Tools such as +.Xr ssh 1 +which know how to talk to the +.Xr ssh-agent 1 +can now rely on the key. +.Sh AUTHOR +.Nm +and this man page were written by Daniel Kahn Gillmor +<dkg@fifthhorseman.net>. +.Sh BUGS +.Nm +Currently only exports into formats used by the OpenSSH. +It should support other key output formats, such as those used by +lsh(1) and putty(1). +.Pp +Secret key output is currently not passphrase-protected. +.Pp +.Nm +currently cannot handle passphrase-protected secret keys on input. +.Pp +It would be nice to be able to use keyids shorter or longer than 16 +hex characters. +.Pp +.Nm +only acts on keys associated with the first primary key +passed in. If you send it more than one primary key, it will silently +ignore later ones. +.Sh SEE ALSO +.Xr monkeysphere 1 , +.Xr ssh 1 , +.Xr monkeysphere-server 8 diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 new file mode 100644 index 0000000..5ca248a --- /dev/null +++ b/man/man8/monkeysphere-server.8 
@@ -0,0 +1,83 @@ +.TH MONKEYSPHERE-SERVER "1" "June 2008" "monkeysphere 0.1" "User Commands" + +.SH NAME + +monkeysphere-server \- monkeysphere server admin user interface + +.SH SYNOPSIS + +.B monkeysphere-server \fIcommand\fP [\fIargs\fP] + +.SH DESCRIPTION + +\fBMonkeySphere\fP is a system to leverage the OpenPGP Web of Trust +for ssh authentication and encryption. OpenPGP keys are tracked via +GnuPG, and added to the ssh authorized_keys and known_hosts files to +be used for authentication and encryption of ssh connection. + +\fBmonkeysphere-server\fP is the MonkeySphere server admin utility. + +.SH SUBCOMMANDS + +\fBmonkeysphere-server\fP takes various subcommands: +.TP +.B update-users [USER]... +Update the admin-controlled authorized_keys files for user. For each +user specified, update the user's authorized_keys file in +/var/cache/monkeysphere/authorized_keys/USER. See `man monkeysphere' +for more info. If the USER_CONTROLLED_AUTHORIZED_KEYS variable is +set, then a user-controlled authorized_keys file (usually +~USER/.ssh/authorized_keys) is added to the authorized_keys file. `k' +may be used in place of `update-known_hosts'. +.TP +.B gen-key +Generate a gpg key for the host. `g' may be used in place of +`gen-key'. +.TP +.B publish-key +Publish the host's gpg key to the keyserver. `p' may be used in place +of `publish-key' +.TP +.B trust-keys KEYID... +Mark key specified with key IDs with full owner trust. `t' may be used +in place of `trust-keys'. +.TP +.B update-user-userids USER USERID... +Add/update a user ID to the authorized_user_ids file for USER. `u' may +be used in place of `update-user-userids'. +.TP +.B remove-user-userids USER USERID... +Remove a user ID from the authorized_user_ids file for USER. `r' may +be used in place of `remove-user-userids'. +.TP +.B help +Output a brief usage summary. `h' or `?' may be used in place of +`help'. + +.SH FILES + +.TP +/etc/monkeysphere/monkeysphere-server.conf +System monkeysphere-server config file. 
+.TP +/etc/monkeysphere/monkeysphere.conf +System-wide monkeysphere config file. +.TP +/etc/monkeysphere/gnupg +Monkeysphere GNUPG home directory. +.TP +/etc/monkeysphere/authorized_user_ids/USER +Server maintained authorized_user_ids files for users. +.TP +/var/cache/monkeysphere/authorized_keys/USER +User authorized_keys file. + +.SH AUTHOR + +Written by Jameson Rollins <jrollins@fifthhorseman.net> + +.SH SEE ALSO + +.BR monkeysphere (1), +.BR gpg (1), +.BR ssh (1) |
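Review bot: in man/man1/monkeysphere-ssh-proxycommand.1 the DESCRIPTION names the program `\fBmonkeysphere-ssh-proxy\fP`, while NAME, both ProxyCommand examples and the `less $(which monkeysphere-ssh-proxycommand)` line use `monkeysphere-ssh-proxycommand`; the SEE ALSO entry `.BR monkeypshere (1),` is also misspelled, so the cross-reference will not resolve. Both should read the full, correctly spelled names. The description also stops after the `update-known_hosts` step and never says how the script then carries the connection to `%h %p`; since ssh hands the entire transport to a ProxyCommand, one sentence naming what the script execs would tell readers what sits in their data path. Minor: `~/.ssh/config` is a configuration file, not a script.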
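Review bot: in man/man1/monkeysphere.1 the `update-known_hosts` and `update-authorized_keys` paragraphs describe the removal step ("any matching ssh keys will be removed") and the re-add step ("if the found key is acceptable ... re-added") separately, so the important case is only implicit: when gpg returns a key that fails KEY ACCEPTABILITY (revoked, expired, not fully valid), the existing entry is removed and nothing replaces it. That is the revocation path and deserves an explicit sentence, as does the fact that "fully valid" is judged by the invoking user's own GnuPG keyring and trust database. Style points in the same file: "encryption of ssh connection" should be "ssh connections", "ie." should be "i.e.", and "an `a` capable subkey" mixes backtick pairs with the `x' quoting used everywhere else.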
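Review bot: in man/man1/openpgp2ssh.1 the DESCRIPTION says the first argument may be "a specific OpenPGP keyid (e.g. CCD2ED94D21739E9) or fingerprint" and then that "the keyid must be exactly 16 hex characters"; a full fingerprint is 40 hex characters, so either fingerprints are accepted (and the length rule is wrong) or the word "fingerprint" should go. The BUGS entry "Secret key output is currently not passphrase-protected" is a property users must know before redirecting output to a file (the result is a plaintext PEM private key), so it belongs in CAVEATS next to "Make sure you do your own key validation", ideally noting that the EXAMPLES invocation avoids touching disk by piping straight into `ssh-add -c /dev/stdin`. Also, after `.Nm` the line "Currently only exports into formats used by the OpenSSH." should read "currently only exports into formats used by OpenSSH."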
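Review bot: in man/man8/monkeysphere-server.8 the header `.TH MONKEYSPHERE-SERVER "1" "June 2008" "monkeysphere 0.1" "User Commands"` declares section 1 in a section-8 page; it should be `"8"` with a system-administration section title, otherwise the rendered header contradicts the file's location. The `update-users` entry ends with "`k' may be used in place of `update-known_hosts'", copied from monkeysphere.1; the alias for `update-users` needs to be stated instead. The `trust-keys` text "Mark key specified with key IDs with full owner trust" should say whose trust database is affected (the server's GnuPG home listed under FILES, /etc/monkeysphere/gnupg) and what that means: certifications made by those keys are what let user keys become "fully valid", so this subcommand decides who can vouch for logins. The `update-users` paragraph should likewise say where USER_CONTROLLED_AUTHORIZED_KEYS is set, since enabling it re-admits keys from ~USER/.ssh/authorized_keys that the admin does not control. Minor: `publish-key' is missing its trailing period.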