summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog5
-rw-r--r--website/bugs/handle-passphrase-locked-secret-keys.mdwn6
-rw-r--r--website/bugs/install-seckey2sshagent-in-usr-bin.mdwn10
3 files changed, 18 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index fb1c2f4..f3efd57 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-monkeysphere (0.11-1) UNRELEASED; urgency=low
+monkeysphere (0.11-1) experimental; urgency=low
[ Jameson Graef Rollins ]
* fix bug in trustdb update on add/revoke-hostname.
@@ -6,6 +6,9 @@ monkeysphere (0.11-1) UNRELEASED; urgency=low
[ Daniel Kahn Gillmor ]
* debian/control: added Build-Depends: git-core for the new packaging
format
+ * new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched
+ GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly
+ if not found).
-- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Wed, 20 Aug 2008 11:24:35 -0400
diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
index ae5bf72..2df14eb 100644
--- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn
+++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
@@ -32,7 +32,7 @@ primary key, then something like the following script should actually
work for reasonable values of `$KEYID`:
TMPDIR=$(mktemp -d)
- uname 077
+ umask 077
mkfifo "$TMPDIR/passphrase"
kname="MonkeySphere Key $KEYID"
mkfifo "$TMPDIR/$kname"
@@ -50,6 +50,10 @@ so if we can get it incorporated into upstream (and/or into debian),
we have a possible solution, as long as the authentication key is a
subkey, and not a primary key.
+As of version 0.11-1, `monkeysphere subkey-to-ssh-agent` implements
+this particular strategy (and fails cleanly if the version of GnuTLS
+present doesn't support the GNU dummy S2K extension).
+
---------
Ben Laurie and Rachel Willmer's
diff --git a/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn b/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn
index 0163727..e2c2682 100644
--- a/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn
+++ b/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn
@@ -35,9 +35,17 @@ which means that we can cleanly test whether the proposed [handling of
passphrase-locked secret
keys](bugs/handle-passphrase-locked-secret-keys/) is functional. With
that in mind, I'd like to propose that we could resolve this bug
-simply by adding a new subcommand: `monkeysphere authkey-to-agent`,
+simply by adding a new subcommand: `monkeysphere subkey-to-ssh-agent`,
which would fail in the absence of a functionally-patched GnuTLS.
Would this proposal be sufficient to resolve this bug?
--dkg
+
+---
+
+Version 0.11-1 now has the `monkeysphere subkey-to-ssh-agent`
+subcommand, which works cleanly in the presence of a
+functionally-patched GnuTLS.
+
+--dkg