diff options
| -rw-r--r-- | debian/changelog | 17 | ||||
| -rw-r--r-- | debian/monkeysphere.dirs | 1 | ||||
| -rw-r--r-- | doc/TODO | 21 | ||||
| -rw-r--r-- | doc/george/changelog | 24 | ||||
| -rw-r--r-- | doc/george/user-id-configuration | 7 | ||||
| -rw-r--r-- | etc/monkeysphere-server.conf | 9 | ||||
| -rw-r--r-- | man/man1/monkeysphere-ssh-proxycommand.1 | 30 | ||||
| -rw-r--r-- | man/man1/monkeysphere.1 | 21 | ||||
| -rw-r--r-- | man/man8/monkeysphere-server.8 | 11 | ||||
| -rw-r--r-- | src/common | 186 | ||||
| -rwxr-xr-x | src/monkeysphere | 34 | ||||
| -rwxr-xr-x | src/monkeysphere-server | 100 | ||||
| -rwxr-xr-x | src/monkeysphere-ssh-proxycommand | 2 | ||||
| -rwxr-xr-x | src/seckey2sshagent | 15 |
14 files changed, 211 insertions, 267 deletions
diff --git a/debian/changelog b/debian/changelog index d326473..2133d2d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,20 @@ monkeysphere (0.2-1) UNRELEASED; urgency=low - * NOT YET RELEASED - * + [ Daniel Kahn Gillmor ] + * NOT YET RELEASED (switch to "experimental" when ready to release) - -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Thu, 19 Jun 2008 04:03:45 -0400 + [ Jameson Graef Rollins ] + * Add AUTHORIZED_USER_IDS config variable for server, which defaults to + %h/.config/monkeysphere/authorized_user_ids, instead of + /etc/monkeysphere/authorized_user_ids. + * Remove {update,remove}-userids functions, since we decided they + weren't useful enough to be worth maintaining. + * Better handling of unknown users in server update-users + * Add file locking when modifying known_hosts or authorized_keys -monkeysphere (0.1-1) unstable; urgency=low + -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Fri, 20 Jun 2008 00:43:44 -0400 + +monkeysphere (0.1-1) experimental; urgency=low * First release of debian package for monkeysphere. * This is experimental -- please report bugs! diff --git a/debian/monkeysphere.dirs b/debian/monkeysphere.dirs index bc8abcf..6e90899 100644 --- a/debian/monkeysphere.dirs +++ b/debian/monkeysphere.dirs @@ -2,4 +2,3 @@ usr/share/monkeysphere var/cache/monkeysphere var/cache/monkeysphere/authorized_keys etc/monkeysphere -etc/monkeysphere/authorized_user_ids @@ -26,37 +26,22 @@ Streamline host key generation, publication, verification. See doc/george/host-key-publication for what dkg went through on 2008-06-19 -Streamline authorized_user_ids setup (including question of where - authorized_user_ids files should go). See - doc/george/user-id-configuration for what dkg went through on - 2008-06-19 - Ensure that authorized_user_ids are under as tight control as ssh expects from authorized_keys: we don't want monkeysphere to be a weak link in the filesystem. -What happens when there are no entries in the authorized_user_ids file - for a user? /var/cache/monkeysphere/authorized_keys/$USER.tmp - seems like it gets created and then left there. - What happens when a user account has no corresponding /etc/monkeysphere/authorized_user_ids/$USER file? What gets placed in /var/cache/monkeysphere/authorized_keys/$USER? It looks currently untouched, which could mean bad things for such a user. + - if authorized_user_ids is empty, then the user's authorized_keys + file will be also, unless the user-controlled authorized_keys file + is added. I believe this is expected, correct behavior. Consider the default permissions for /var/cache/monkeysphere/authorized_keys/* (and indeed the whole directory path leading up to that) -What should happen when an admin does - "monkeysphere-server update-users not_an_existent_user"? - currently, it adds - /etc/monkeysphere/authorized_user_ids/not_an_existent_user, which - seems rather wrong. - -is /var/cache/monkeysphere/authorized_keys/$USER.tmp guaranteed to - avoid collisions? Why not use a real mktemp file? - As an administrator, how do i reverse the effect of a "monkeysphere-server trust-keys" that i later decide i should not have run? diff --git a/doc/george/changelog b/doc/george/changelog index 381fa0f..22807d1 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,30 @@ * changes to this system * ****************************************************************************** +2008-06-20 - micah + * Commented out the 'export SSHD_OOM_ADJUST=-17' from the + /etc/init.d/ssh initscript, and the 'SSHD_OOM_ADJUST=-17' from + /etc/default/ssh in order to make this error go away: + "error writing /proc/self/oom_adj: Operation not permitted" + (c.f. Debian #487325) + +200r-06-20 - dkg + * touched /etc/environment to get rid of some spurious auth.log + entries. + * turned up sshd's LogLevel from INFO to DEBUG + +2008-06-19 - dkg + * installed rsync (for maintaining a public apt repo) + + * configured mathopd to listen on port 80, serving /srv/www as / + and /srv/apt as /debian. We've got nothing in /srv/www at the + moment, though. + + * installed lsof and psmisc as sysadmin utilities. sorry for the + bloat! + + * installed strace to try to figure out why onak is segfaulting. + 2008-06-19 - dkg * removed etch sources, switched "testing" to "lenny", added lenny/updates, removed all contrib and non-free. diff --git a/doc/george/user-id-configuration b/doc/george/user-id-configuration index d42bfbd..9a7f4d2 100644 --- a/doc/george/user-id-configuration +++ b/doc/george/user-id-configuration @@ -33,13 +33,6 @@ and then modified /etc/ssh/sshd_config with: Some outstanding questions: - * why are the authorized_user_ids stored in /etc/ and not in people's - home directories? - - * why are authorized_user_ids managed with a special sub-command of - monkeysphere-server, instead of just being hand-managed files, the - way that authorized_keys are in stock openssh? - * Should we ship a scheduled monkeysphere-server update-users cron job automatically? diff --git a/etc/monkeysphere-server.conf b/etc/monkeysphere-server.conf index 3915bf4..847e879 100644 --- a/etc/monkeysphere-server.conf +++ b/etc/monkeysphere-server.conf @@ -17,8 +17,15 @@ # a = authentication #REQUIRED_USER_KEY_CAPABILITY="a" +# Path to authorized_user_ids file to process to create +# authorized_keys file. '%h' will be replaced by the home directory +# of the user, and %u will be replaced by the username of the user. +# For purely admin-controlled authorized_user_ids, you might put them +# in /etc/monkeysphere/authorized_user_ids/%u +#AUTHORIZED_USER_IDS="%h/.config/monkeysphere/authorized_user_ids" + # Whether to add user controlled authorized_keys file to # monkeysphere-generated authorized_keys file. Should be path to file # where '%h' will be replaced by the home directory of the user. # To not add any user-controlled file, put "-" -#USER_CONTROLLED_AUTHORIZED_KEYS=%h/.ssh/authorized_keys +#USER_CONTROLLED_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" diff --git a/man/man1/monkeysphere-ssh-proxycommand.1 b/man/man1/monkeysphere-ssh-proxycommand.1 index 5fabb91..c4196f2 100644 --- a/man/man1/monkeysphere-ssh-proxycommand.1 +++ b/man/man1/monkeysphere-ssh-proxycommand.1 @@ -18,17 +18,29 @@ or by adding the following line to your ~/.ssh/config script: .B ProxyCommand monkeysphere-ssh-proxycommand %h %p -The script is very simple, and can easily be incorporated into other -ProxyCommand scripts. It first tests to see if the host is in the -known_hosts file. If it's not, the CHECK_KEYSERVER variable is set to -true and "update-known_hosts" is run for the host to check for a host -key for that host. If the host is found in the known_hosts file, -CHECK_KEYSERVER is set to false and "update-known_hosts" is run to -update from the local keychain. +The script can easily be incorporated into other ProxyCommand scripts +by calling it with the "--no-connect" option, ie: -Run the following command for more info: +.B monkeysphere-ssh-proxycommand --no-connect "$HOST" "$PORT" -.B less $(which monkeysphere-ssh-proxycommand) +This will run everything but will not exec netcat to make the tcp +connection to the host. + +.SH KEYSERVER CHECKING + +The proxy command has a fairly nuanced policy for when keyservers are +queried when processing host. If the host userID is not found in +either the user's keyring or in the known_hosts file, then the +keyserver is queried for the host userID. If the host userID is found +in the user's keyring, then the keyserver is not checked. This is +because... If the host userID is not found in the user's keyring, but +the host is listed in the known_hosts file, then defered check is +scheduled. + +.SH ENVIRONMENT VARIABLES + +.TP +KEYSERVER The keyserver to query. .SH AUTHOR diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index f36d69e..30e35bb 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -33,20 +33,6 @@ is done. If no hosts are specified, all hosts listed in the known_hosts file will be processed. `k' may be used in place of `update-known_hosts'. .TP -.B update-userids [USERID]... -Add/update a user ID to the authorized_user_ids file. The user IDs -specified should be exact matches to OpenPGP user IDs. For each -specified user ID, gpg will be queried for a key associated with that -user ID, querying a keyserver if specified. If a key is found, the -user ID will be added to the user's authorized_user_ids file (if it -wasn't already present). `u' may be used in place of -`update-userids'. -.TP -.B remove-userids [USERID]... -Remove a user ID from the authorized_user_ids file. The user IDs -specified should be exact matches to OpenPGP user IDs. `r' may be -used in place of `remove-userids'. -.TP .B update-authorized_keys Update the monkeysphere authorized_keys file. For each user ID in the user's authorized_user_ids file, gpg will be queried for keys @@ -78,9 +64,7 @@ specification for the host, ie. "ssh://host.full.domain". GPG keys are considered acceptable if the following criteria are met: .TP .B capability -For host keys, the key must have both the "authentication" ("a") and -"encrypt" ("e") capability flags. For user keys, the key must have -the "authentication" ("a") capability flag. +The key must have the "authentication" ("a") usage flag set. .TP .B validity The key must be "fully" valid, and must not be expired or revoked. @@ -97,9 +81,6 @@ System-wide monkeysphere config file. ~/.config/monkeysphere/authorized_user_ids OpenPGP user IDs associated with keys that will be checked for addition to the authorized_keys file. -.TP -~/.config/monkeysphere/authorized_keys -Monkeysphere generated authorized_keys file. .SH AUTHOR diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 28149fb..3073adc 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -23,7 +23,8 @@ be used for authentication of ssh connections. .TP .B update-users [USER]... Update the admin-controlled authorized_keys files for user. For each -user specified, update the user's authorized_keys file in +user specified, user ID's listed in the user's authorized_user_ids +file are processed, and the user's authorized_keys file in /var/cache/monkeysphere/authorized_keys/USER. See `man monkeysphere' for more info. If the USER_CONTROLLED_AUTHORIZED_KEYS variable is set, then a user-controlled authorized_keys file (usually @@ -46,14 +47,6 @@ of `publish-key'. Mark key specified with key IDs with full owner trust. `t' may be used in place of `trust-keys'. .TP -.B update-user-userids USER USERID... -Add/update a user ID to the authorized_user_ids file for USER. `u' may -be used in place of `update-user-userids'. -.TP -.B remove-user-userids USER USERID... -Remove a user ID from the authorized_user_ids file for USER. `r' may -be used in place of `remove-user-userids'. -.TP .B help Output a brief usage summary. `h' or `?' may be used in place of `help'. @@ -18,10 +18,17 @@ ETC="/etc/monkeysphere" export ETC CACHE="/var/cache/monkeysphere" export CACHE +ERR=0 +export ERR ######################################################################## ### UTILITY FUNCTIONS +error() { + log "$1" + ERR=${2:-'1'} +} + failure() { echo "$1" >&2 exit ${2:-'1'} @@ -29,12 +36,12 @@ failure() { # write output to stderr log() { - echo -n "ms: " 1>&2 - echo "$@" 1>&2 + echo -n "ms: " >&2 + echo "$@" >&2 } loge() { - echo "$@" 1>&2 + echo "$@" >&2 } # cut out all comments(#) and blank lines from standard input @@ -85,6 +92,25 @@ remove_line() { fi } +# translate ssh-style path variables %h and %u +translate_ssh_variables() { + local uname + local home + + uname="$1" + path="$2" + + # get the user's home directory + userHome=$(getent passwd "$uname" | cut -d: -f6) + + # translate '%u' to user name + path=${path/\%u/"$uname"} + # translate '%h' to user home directory + path=${path/\%h/"$userHome"} + + echo "$path" +} + ### CONVERTION UTILITIES # output the ssh key for a given key ID @@ -351,110 +377,79 @@ process_user_id() { done } -# update the cache for userid, and prompt to add file to -# authorized_user_ids file if the userid is found in gpg -# and not already in file. -update_userid() { - local userID - - userID="$1" - - log "processing userid: '$userID'" - - # process the user ID to pull it from keyserver - process_user_id "$userID" | grep -q "^0 " - - # check if user ID is in the authorized_user_ids file - if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then - read -p "user ID not currently authorized. authorize? [Y|n]: " OK; OK=${OK:=Y} - if [ ${OK/y/Y} = 'Y' ] ; then - # add if specified - log -n " adding user ID to authorized_user_ids file... " - echo "$userID" >> "$AUTHORIZED_USER_IDS" - loge "done." - else - # else do nothing - log " authorized_user_ids file untouched." - fi - fi -} - -# remove a userid from the authorized_user_ids file -remove_userid() { - local userID - - userID="$1" - - log "processing userid: '$userID'" - - # check if user ID is in the authorized_user_ids file - if ! grep -q "^${userID}\$" "$AUTHORIZED_USER_IDS" ; then - log " user ID not currently authorized." - return 1 - fi - - # remove user ID from file - log -n " removing user ID '$userID'... " - remove_line "$AUTHORIZED_USER_IDS" "^${userID}$" - loge "done." -} - -# process a host in known_host file -process_host_known_hosts() { +# process hosts in the known_host file +process_hosts_known_hosts() { local host local userID local ok local keyid local tmpfile - host="$1" - userID="ssh://${host}" - - log "processing host: $host" - - process_user_id "ssh://${host}" | \ - while read -r ok keyid ; do - sshKey=$(gpg2ssh "$keyid") - # remove the old host key line - remove_line "$KNOWN_HOSTS" "$sshKey" - # if key OK, add new host line - if [ "$ok" -eq '0' ] ; then - # hash if specified - if [ "$HASH_KNOWN_HOSTS" = 'true' ] ; then - # FIXME: this is really hackish cause ssh-keygen won't - # hash from stdin to stdout - tmpfile=$(mktemp) - ssh2known_hosts "$host" "$sshKey" > "$tmpfile" - ssh-keygen -H -f "$tmpfile" 2> /dev/null - cat "$tmpfile" >> "$KNOWN_HOSTS" - rm -f "$tmpfile" "${tmpfile}.old" - else - ssh2known_hosts "$host" "$sshKey" >> "$KNOWN_HOSTS" + # create a lockfile on known_hosts + lockfile-create "$KNOWN_HOSTS" + + for host ; do + log "processing host: $host" + + userID="ssh://${host}" + + process_user_id "ssh://${host}" | \ + while read -r ok keyid ; do + sshKey=$(gpg2ssh "$keyid") + # remove the old host key line + remove_line "$KNOWN_HOSTS" "$sshKey" + # if key OK, add new host line + if [ "$ok" -eq '0' ] ; then + # hash if specified + if [ "$HASH_KNOWN_HOSTS" = 'true' ] ; then + # FIXME: this is really hackish cause ssh-keygen won't + # hash from stdin to stdout + tmpfile=$(mktemp) + ssh2known_hosts "$host" "$sshKey" > "$tmpfile" + ssh-keygen -H -f "$tmpfile" 2> /dev/null + cat "$tmpfile" >> "$KNOWN_HOSTS" + rm -f "$tmpfile" "${tmpfile}.old" + else + ssh2known_hosts "$host" "$sshKey" >> "$KNOWN_HOSTS" + fi fi - fi + done + # touch the lockfile, for good measure. + lockfile-touch --oneshot "$KNOWN_HOSTS" done + + # remove the lockfile + lockfile-remove "$KNOWN_HOSTS" } -# process a uid in an authorized_keys file -process_uid_authorized_keys() { +# process uids for the authorized_keys file +process_uids_authorized_keys() { local userID local ok local keyid - userID="$1" + # create a lockfile on authorized_keys + lockfile-create "$AUTHORIZED_KEYS" - log "processing user ID: $userID" + for userID ; do + log "processing user ID: $userID" - process_user_id "$userID" | \ - while read -r ok keyid ; do - sshKey=$(gpg2ssh "$keyid") - # remove the old host key line - remove_line "$AUTHORIZED_KEYS" "$sshKey" - # if key OK, add new host line - if [ "$ok" -eq '0' ] ; then - ssh2authorized_keys "$userID" "$sshKey" >> "$AUTHORIZED_KEYS" - fi + process_user_id "$userID" | \ + while read -r ok keyid ; do + sshKey=$(gpg2ssh "$keyid") + # remove the old host key line + remove_line "$AUTHORIZED_KEYS" "$sshKey" + # if key OK, add new host line + if [ "$ok" -eq '0' ] ; then + ssh2authorized_keys "$userID" "$sshKey" >> "$AUTHORIZED_KEYS" + fi + done + # touch the lockfile, for good measure. + lockfile-touch --oneshot "$AUTHORIZED_KEYS" done + + # remove the lockfile + lockfile-remove "$AUTHORIZED_KEYS" } # process known_hosts file @@ -469,10 +464,7 @@ process_known_hosts() { cat "$KNOWN_HOSTS" | meat | \ cut -d ' ' -f 1 | grep -v '^|.*$' | \ while IFS=, read -r -a hosts ; do - # and process each host - for host in ${hosts[*]} ; do - process_host_known_hosts "$host" - done + process_hosts_known_hosts ${hosts[@]} done } @@ -480,9 +472,11 @@ process_known_hosts() { process_authorized_user_ids() { local userid - cat "$AUTHORIZED_USER_IDS" | meat | \ + authorizedUserIDs="$1" + + cat "$authorizedUserIDs" | meat | \ while read -r userid ; do - process_uid_authorized_keys "$userid" + process_uids_authorized_keys "$userid" done } diff --git a/src/monkeysphere b/src/monkeysphere index a6cecfd..58f0fdc 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -35,8 +35,6 @@ MonkeySphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file - update-userids (u) [USERID]... add/update user IDs - remove-userids (r) [USERID]... remove user IDs update-authorized_keys (a) update authorized_keys file gen-subkey (g) KEYID generate an 'a' capable subkey help (h,?) this help @@ -142,12 +140,9 @@ case $COMMAND in # if hosts are specified on the command line, process just # those hosts if [ "$1" ] ; then - for host ; do - process_host_known_hosts "$host" - done - log "known_hosts file updated." + process_hosts_known_hosts "$@" - # otherwise, if no hosts are specified, process every user + # otherwise, if no hosts are specified, process every host # in the user's known_hosts file else if [ ! -s "$KNOWN_HOSTS" ] ; then @@ -155,30 +150,9 @@ case $COMMAND in fi log "processing known_hosts file..." process_known_hosts - log "known_hosts file updated." fi - ;; - 'update-userids'|'update-userid'|'u') - if [ -z "$1" ] ; then - failure "you must specify at least one userid." - fi - for userID ; do - update_userid "$userID" - done - log "Run the following to update your monkeysphere authorized_keys file:" - log "$PGRM update-authorized_keys" - ;; - - 'remove-userids'|'remove-userid'|'r') - if [ -z "$1" ] ; then - failure "you must specify at least one userid." - fi - for userID ; do - remove_userid "$userID" - done - log "Run the following to update your monkeysphere authorized_keys file:" - log "$PGRM update-authorized_keys" + log "known_hosts file updated." ;; 'update-authorized_keys'|'update-authorized-keys'|'a') @@ -191,7 +165,7 @@ case $COMMAND in # process authorized_user_ids file log "processing authorized_user_ids file..." - process_authorized_user_ids + process_authorized_user_ids "$AUTHORIZED_USER_IDS" log "authorized_keys file updated." ;; diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 96a1070..693c062 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -31,14 +31,11 @@ usage: $PGRM <subcommand> [args] MonkeySphere server admin tool. subcommands: + update-users (s) [USER]... update users authorized_keys files gen-key (g) [HOSTNAME] generate gpg key for the server show-fingerprint (f) show server's host key fingerprint publish-key (p) publish server key to keyserver trust-keys (t) KEYID... mark keyids as trusted - - update-users (s) [USER]... update users authorized_keys files - update-user-userids (u) USER UID... add/update user IDs for a user - remove-user-userids (r) USER UID... remove user IDs for a user help (h,?) this help EOF @@ -139,6 +136,7 @@ GNUPGHOME=${GNUPGHOME:-"${MS_HOME}/gnupg"} KEYSERVER=${KEYSERVER:-"subkeys.pgp.net"} CHECK_KEYSERVER=${CHECK_KEYSERVER:="true"} REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-"a"} +AUTHORIZED_USER_IDS=${AUTHORIZED_USER_IDS:-"%h/.config/monkeysphere/authorized_user_ids"} USER_CONTROLLED_AUTHORIZED_KEYS=${USER_CONTROLLED_AUTHORIZED_KEYS:-"%h/.ssh/authorized_keys"} export GNUPGHOME @@ -153,40 +151,50 @@ mkdir -p "${CACHE}/authorized_keys" case $COMMAND in 'update-users'|'update-user'|'s') if [ "$1" ] ; then + # get users from command line unames="$@" else - unames=$(ls -1 "${MS_HOME}/authorized_user_ids") + # or just look at all users if none specified + unames=$(getent passwd | cut -d: -f1) fi + # loop over users for uname in $unames ; do MODE="authorized_keys" + # check all specified users exist + if ! getent passwd "$uname" >/dev/null ; then + error "----- unknown user '$uname' -----" + continue + fi + + # set authorized_user_ids variable, + # translate ssh-style path variables + authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS") + + # skip user if authorized_user_ids file does not exist + if [ ! -f "$authorizedUserIDs" ] ; then + continue + fi + log "----- user: $uname -----" - # set variables for the user - AUTHORIZED_USER_IDS="${MS_HOME}/authorized_user_ids/${uname}" # temporary authorized_keys file - AUTHORIZED_KEYS="${CACHE}/authorized_keys/${uname}.tmp" - - # make sure user's authorized_user_ids file exists - touch "$AUTHORIZED_USER_IDS" - # make sure the authorized_keys file exists and is clear - > "$AUTHORIZED_KEYS" + AUTHORIZED_KEYS=$(mktemp) # skip if the user's authorized_user_ids file is empty - if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then - log "authorized_user_ids file for '$uname' is empty." + if [ ! -s "$authorizedUserIDs" ] ; then + log "authorized_user_ids file '$authorizedUserIDs' is empty." continue fi # process authorized_user_ids file log "processing authorized_user_ids file..." - process_authorized_user_ids + process_authorized_user_ids "$authorizedUserIDs" # add user-controlled authorized_keys file path if specified if [ "$USER_CONTROLLED_AUTHORIZED_KEYS" != '-' ] ; then - userHome=$(getent passwd "$uname" | cut -d: -f6) - userAuthorizedKeys=${USER_CONTROLLED_AUTHORIZED_KEYS/\%h/"$userHome"} + userAuthorizedKeys=$(translate_ssh_variables "$uname" "$USER_CONTROLLED_AUTHORIZED_KEYS") if [ -f "$userAuthorizedKeys" ] ; then log -n "adding user's authorized_keys file... " cat "$userAuthorizedKeys" >> "$AUTHORIZED_KEYS" @@ -195,12 +203,10 @@ case $COMMAND in fi # move the temp authorized_keys file into place - mv -f "${CACHE}/authorized_keys/${uname}.tmp" "${CACHE}/authorized_keys/${uname}" + mv -f "$AUTHORIZED_KEYS" "${CACHE}/authorized_keys/${uname}" log "authorized_keys file updated." done - - log "----- done. -----" ;; 'gen-key'|'g') @@ -226,56 +232,6 @@ case $COMMAND in done ;; - 'update-user-userids'|'update-user-userid'|'u') - uname="$1" - shift - if [ -z "$uname" ] ; then - failure "You must specify user." - fi - if [ -z "$1" ] ; then - failure "You must specify at least one user ID." - fi - - # set variables for the user - AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname" - - # make sure user's authorized_user_ids file exists - touch "$AUTHORIZED_USER_IDS" - - # process the user IDs - for userID ; do - update_userid "$userID" - done - - log "Run the following to update user's authorized_keys file:" - log "$PGRM update-users $uname" - ;; - - 'remove-user-userids'|'remove-user-userid'|'r') - uname="$1" - shift - if [ -z "$uname" ] ; then - failure "You must specify user." - fi - if [ -z "$1" ] ; then - failure "You must specify at least one user ID." - fi - - # set variables for the user - AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname" - - # make sure user's authorized_user_ids file exists - touch "$AUTHORIZED_USER_IDS" - - # process the user IDs - for userID ; do - remove_userid "$userID" - done - - log "Run the following to update user's authorized_keys file:" - log "$PGRM update-users $uname" - ;; - 'help'|'h'|'?') usage ;; @@ -285,3 +241,5 @@ case $COMMAND in Type '$PGRM help' for usage." ;; esac + +exit "$ERR" diff --git a/src/monkeysphere-ssh-proxycommand b/src/monkeysphere-ssh-proxycommand index 4cbcd51..f4d4b0d 100755 --- a/src/monkeysphere-ssh-proxycommand +++ b/src/monkeysphere-ssh-proxycommand @@ -49,7 +49,7 @@ if [ "$PORT" != '22' ] ; then fi # if the host is in the gpg keyring... -if gpg --list-key ="${URI}" >/dev/null ; then +if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then # do not check the keyserver CHECK_KEYSERVER="false" # if the host is NOT in the keyring... diff --git a/src/seckey2sshagent b/src/seckey2sshagent index 0e8d695..d8e9b79 100755 --- a/src/seckey2sshagent +++ b/src/seckey2sshagent @@ -1,5 +1,20 @@ #!/bin/sh +# seckey2sshagent: this is a hack of a script to cope with the fact +# that openpgp2ssh currently cannot support encrypted secret keys. + +# the basic operating principal is: + +# export the secret key in encrypted format to a new keyring + +# remove the passphrase in that keyring + +# use that keyring with openpgp2ssh + +# Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, +# Jameson Rollins <jrollins@fifthhorseman.net> + + cleanup() { echo -n "removing temp gpg home... " rm -rf $FOO |