summaryrefslogtreecommitdiff
path: root/src/share
AgeCommit message (Collapse)Author
2010-10-02Assume that space- or tab-prefixed lines contain ssh authorized_keys options ↵Clint Adams
applicable to the preceding user ID.
2010-10-01fix revoke_key typo in creating temporary directoryMicah Anderson
fix variable specifying which key to revoke monkeysphere-host revoke-key <key-id> would produce the following errors, this commit fixes that: Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: "0x!" not a key ID: skipping
2010-09-21Merge remote branch 'jamie/master'Daniel Kahn Gillmor
2010-09-21change log level for outputting message: "! primary key could not beJamie McClelland
translated (not RSA?)." from "error" to "verbose"
2010-09-14fix *all* install paths, including in man pages and transition scriptsJameson Rollins
2010-07-04Merge remote branch 'dkg/master'Jameson Rollins
2010-07-04fix debug message in checkpermsJameson Rollins
2010-07-04add keys-for-user subcommand to monkeysphere-authenticationJameson Rollins
This subcommand will output all valid key for a given user. The user's authorized_user_ids file will be read for OpenPGP user IDs, one per line. The ssh-formated RSA keys will be output to stdout. Also included is a simple script that takes the user as it's one argument and exec's this command. This is something that would be suitable for the proposed sshd AuthorizedKeysCommand.
2010-05-06reporting new expiration date when key expiry is updated (closes MS #2291)Daniel Kahn Gillmor
2010-05-06do not fail or bail when admin interactively declines to publish a key with m-hDaniel Kahn Gillmor
2010-05-06support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵Daniel Kahn Gillmor
and mh (closes MS #2288)
2010-04-17do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen ↵Daniel Kahn Gillmor
is not available (includes some comments about how to fix these corner cases).
2010-04-17degrade gracefully in the absence of sshDaniel Kahn Gillmor
2010-04-17handling ssh fingerprinting internally with keytrans for sshfprs-for-useridDaniel Kahn Gillmor
2010-04-17make comment more nit-pickingly accurateDaniel Kahn Gillmor
2010-04-17keytrans openpgp2sshfpr now prints out the key size and typeDaniel Kahn Gillmor
2010-04-17added internal openpgp2sshfpr subcommand for keytransDaniel Kahn Gillmor
2010-03-14warn if keyserver query fails (Closes: MS #1750)Daniel Kahn Gillmor
2010-03-14enable use of hkps (closes: MS #1749)Daniel Kahn Gillmor
2010-03-08fix my email addressJameson Rollins
2010-02-18enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf ↵Daniel Kahn Gillmor
options (see bug 1625)
2010-01-19re-work monkeysphere-host diagnostics with an eye toward multiple host keysDaniel Kahn Gillmor
2010-01-19dump gpg --import error spew to /dev/null during hackish uses of gpgDaniel Kahn Gillmor
2010-01-19ignoring time conflict when extracting info in a hacky way from gpg. ↵Daniel Kahn Gillmor
warnings still come out to stderr
2010-01-19add get_cert_info() to commonDaniel Kahn Gillmor
2010-01-18flesh out check for reasonable-looking service namesDaniel Kahn Gillmor
2010-01-18canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false'Jameson Rollins
2010-01-18add prompt if a service name is already being used then importing a key or ↵Jameson Rollins
adding a name. This can be overridden with the MONKEYSPHERE_PROMPT var.
2010-01-18renaming m-h update_gpg_pub_file to update_pgp_pub_fileDaniel Kahn Gillmor
2010-01-18add check that service name isn't already in use in import_keyJameson Rollins
2010-01-18fix stupid think-o that caused keytrans adduserid to misbehave if another ↵Daniel Kahn Gillmor
key came in the input stream after the desired key was already found
2010-01-18added non-public "keytrans listfprs" subcommandDaniel Kahn Gillmor
2010-01-15Major rework of monkeysphere-host to handle multiple host keys.Jameson Rollins
This rework removes any assumption that monkeysphere-host is just managing a single host key, or that the keys are used specifically for ssh. The UI is exactly backwards compatible except that hostnames ('example.com') must be replaced by full service names ('ssh://example.com'). This incarnation passes the old tests with those changes only. There are a couple of things that still need to be done: - need to see if a transition script is needed (some local file names have changed) - need to fill in check_service_name function to verify that a specified service name fits the expected format. - update diagnostics appropriately
2010-01-15add trap to remove temp dir in list_primary_fingerprints functionJameson Rollins
2010-01-11rename keys-from-userid command to more accurate keys-for-useridJameson Rollins
leave the old command for now, but warn as deprecated.
2010-01-10Fix patch for gen_key to test gpg version.Jameson Rollins
This patch checks the version of gpg (for v1 and v2) and sets the key type command for the gen_subkey gpg edit-key script appropriately.
2010-01-10added notes about what version needs what keyTypeDaniel Kahn Gillmor
2010-01-10Add new keys-from-userid subcommand to monkeysphere UI.Jameson Rollins
This new subcommand calls a new function, keys_from_userid, that outputs to stdout all acceptable keys for a given user ID literal.
2010-01-10Clean up REQUIRED_KEY_CAPABILITY option passing to process_user_id.Jameson Rollins
Get rid of 'MODE' stuff, since it was not very clear and wasn't really being used.
2009-12-20fix ms Issue #1536 for gpg edit/addkey UI changeJameson Graef Rollins
gnupg apparently changed their edit-key/addkey function ordering such that the monkeysphere gen-subkey subcommand was creating DSA authentication subkeys instead of RSA subkeys. DSA subkeys are not supported by the ms key translation utilities, so this is a big problem. This patch fixes the problem, but it means that we have require gnupg >=1.4.10 from now on, or at least until gnupg changes their UI again for no good reason.
2009-12-12hush up m-a setup because the dd was making noiseDaniel Kahn Gillmor
2009-09-24avoid noisy warning message when ssh-askpass not availableDaniel Kahn Gillmor
2009-08-01cleaning up log function in checkperms for future expandability.Daniel Kahn Gillmor
2009-08-01swap order of bitwise and to avoid confusion in perl < 5.10Daniel Kahn Gillmor
2009-08-01removing duplicate check that snuck in somehowDaniel Kahn Gillmor
2009-08-01attempting to resolve MS #675Daniel Kahn Gillmor
2009-08-01switch to using new checkperms script.Daniel Kahn Gillmor
2009-08-01whitespace fixing and using environment variables exported from monkeysphere ↵Daniel Kahn Gillmor
for checkperms.
2009-08-01added new perl script to check permissions.Daniel Kahn Gillmor
2009-07-26ensuring that STRICT_MODES gets passed through to the monkeysphere subshell ↵Daniel Kahn Gillmor
properly, and that we set it to a literal "false" in the tests. This should resolve the FTBFS associated with MS #659