diff options
Diffstat (limited to 'website/bugs')
-rw-r--r-- | website/bugs/handle-passphrase-locked-secret-keys.mdwn | 6 | ||||
-rw-r--r-- | website/bugs/install-seckey2sshagent-in-usr-bin.mdwn | 10 |
2 files changed, 14 insertions, 2 deletions
diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn index ae5bf72..2df14eb 100644 --- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn +++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn @@ -32,7 +32,7 @@ primary key, then something like the following script should actually work for reasonable values of `$KEYID`: TMPDIR=$(mktemp -d) - uname 077 + umask 077 mkfifo "$TMPDIR/passphrase" kname="MonkeySphere Key $KEYID" mkfifo "$TMPDIR/$kname" @@ -50,6 +50,10 @@ so if we can get it incorporated into upstream (and/or into debian), we have a possible solution, as long as the authentication key is a subkey, and not a primary key. +As of version 0.11-1, `monkeysphere subkey-to-ssh-agent` implements +this particular strategy (and fails cleanly if the version of GnuTLS +present doesn't support the GNU dummy S2K extension). + --------- Ben Laurie and Rachel Willmer's diff --git a/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn b/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn index 0163727..e2c2682 100644 --- a/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn +++ b/website/bugs/install-seckey2sshagent-in-usr-bin.mdwn @@ -35,9 +35,17 @@ which means that we can cleanly test whether the proposed [handling of passphrase-locked secret keys](bugs/handle-passphrase-locked-secret-keys/) is functional. With that in mind, I'd like to propose that we could resolve this bug -simply by adding a new subcommand: `monkeysphere authkey-to-agent`, +simply by adding a new subcommand: `monkeysphere subkey-to-ssh-agent`, which would fail in the absence of a functionally-patched GnuTLS. Would this proposal be sufficient to resolve this bug? --dkg + +--- + +Version 0.11-1 now has the `monkeysphere subkey-to-ssh-agent` +subcommand, which works cleanly in the presence of a +functionally-patched GnuTLS. + +--dkg |