summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2010-10-02Assume that space- or tab-prefixed lines contain ssh authorized_keys options ↵Clint Adams
applicable to the preceding user ID.
2010-10-01fix revoke_key typo in creating temporary directoryMicah Anderson
fix variable specifying which key to revoke monkeysphere-host revoke-key <key-id> would produce the following errors, this commit fixes that: Really publish this cert to zimmermann.mayfirst.org ? (Y/n) y /usr/share/monkeysphere/mh/revoke_key: line 96: mkmstempdir: command not found gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: "0x!" not a key ID: skipping
2010-09-21Merge remote branch 'jamie/master'Daniel Kahn Gillmor
2010-09-21change log level for outputting message: "! primary key could not beJamie McClelland
translated (not RSA?)." from "error" to "verbose"
2010-09-14fix *all* install paths, including in man pages and transition scriptsJameson Rollins
2010-09-14fix specification of install directories in top level scripts.Jameson Rollins
Various install paths were hard coded in the top level scripts. This was causing problems for non-standard install locations. Also added use of LOCALSTATEDIR variable to specify /var/lib path.
2010-07-04Merge remote branch 'dkg/master'Jameson Rollins
2010-07-04fix debug message in checkpermsJameson Rollins
2010-07-04add keys-for-user subcommand to monkeysphere-authenticationJameson Rollins
This subcommand will output all valid key for a given user. The user's authorized_user_ids file will be read for OpenPGP user IDs, one per line. The ssh-formated RSA keys will be output to stdout. Also included is a simple script that takes the user as it's one argument and exec's this command. This is something that would be suitable for the proposed sshd AuthorizedKeysCommand.
2010-05-06reporting new expiration date when key expiry is updated (closes MS #2291)Daniel Kahn Gillmor
2010-05-06do not fail or bail when admin interactively declines to publish a key with m-hDaniel Kahn Gillmor
2010-05-06support x509 anchors for monkeysphere-host, allow shared anchors between m-a ↵Daniel Kahn Gillmor
and mh (closes MS #2288)
2010-04-17do not try to add to known_hosts if HASH_KNOWN_HOSTS is true but ssh-keygen ↵Daniel Kahn Gillmor
is not available (includes some comments about how to fix these corner cases).
2010-04-17degrade gracefully in the absence of sshDaniel Kahn Gillmor
2010-04-17handling ssh fingerprinting internally with keytrans for sshfprs-for-useridDaniel Kahn Gillmor
2010-04-17make comment more nit-pickingly accurateDaniel Kahn Gillmor
2010-04-17fix gpg_ssh_fingerprint() in monkeysphere to use internal implementation of ↵Daniel Kahn Gillmor
ssh fingerprinting
2010-04-17monkeysphere-host no longer depends on sshDaniel Kahn Gillmor
2010-04-17keytrans openpgp2sshfpr now prints out the key size and typeDaniel Kahn Gillmor
2010-04-17added internal openpgp2sshfpr subcommand for keytransDaniel Kahn Gillmor
2010-03-14added comment about why the key file is named with whitespaceDaniel Kahn Gillmor
2010-03-14deprecate sshfpr; add sshfprs-for-userid (closes: MS #1436)Daniel Kahn Gillmor
2010-03-14use msmktempfile instead of raw mktemp -- should be more portableDaniel Kahn Gillmor
2010-03-14fix CHECK_KEYSERVER for deprecated keys-from-userid as wellDaniel Kahn Gillmor
2010-03-14fix typoDaniel Kahn Gillmor
2010-03-14avoid checking trustdb from monkeysphere-host (Closes: MS #1957)Daniel Kahn Gillmor
2010-03-14fixing an error message in monkeysphere-hostDaniel Kahn Gillmor
2010-03-14cleaning up monkeysphere-host show-key outputDaniel Kahn Gillmor
2010-03-14warn if keyserver query fails (Closes: MS #1750)Daniel Kahn Gillmor
2010-03-14enable use of hkps (closes: MS #1749)Daniel Kahn Gillmor
2010-03-14keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER (Closes: MS ↵Daniel Kahn Gillmor
#1997); finesse description of CHECK_KEYSERVER in monkeysphere.conf (see: MS #2014)
2010-03-08fix my email addressJameson Rollins
2010-02-18allow service names to start with a number (synchronizing with the check in ↵Daniel Kahn Gillmor
get_port_for_service from common). i know of no services named like that, but why be fussy?
2010-02-18enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf ↵Daniel Kahn Gillmor
options (see bug 1625)
2010-02-02add some useful shortcuts for some common commandsJameson Rollins
2010-01-19Merge remote branch 'jrollins/master'Daniel Kahn Gillmor
2010-01-19re-work monkeysphere-host diagnostics with an eye toward multiple host keysDaniel Kahn Gillmor
2010-01-19dump gpg --import error spew to /dev/null during hackish uses of gpgDaniel Kahn Gillmor
2010-01-19ignoring time conflict when extracting info in a hacky way from gpg. ↵Daniel Kahn Gillmor
warnings still come out to stderr
2010-01-19accepting "--version" as well as "version" subcommand for monkeysphere-host ↵Daniel Kahn Gillmor
and monkeysphere-authentication
2010-01-19added a few more FIXMEs to check_service_name()Daniel Kahn Gillmor
2010-01-19add get_cert_info() to commonDaniel Kahn Gillmor
2010-01-18removing superfluous evalDaniel Kahn Gillmor
2010-01-18tweak loading of fingerprints in multi_key wrapper function, so unnecessary ↵Jameson Rollins
error messages aren't output
2010-01-18no need for recursive removal of a single fileDaniel Kahn Gillmor
2010-01-18flesh out check for reasonable-looking service namesDaniel Kahn Gillmor
2010-01-18add 0.28 transition script to generate new host_keys.pub.pgp file, and ↵Jameson Rollins
remove all ssh_host_rsa_key.pub.gpg file
2010-01-18canonicalize prompting to prompt if MONKEYSPHERE_PROMPT != 'false'Jameson Rollins
2010-01-18add prompt if a service name is already being used then importing a key or ↵Jameson Rollins
adding a name. This can be overridden with the MONKEYSPHERE_PROMPT var.
2010-01-18monkeysphere-host: reverting from host_fingerprints() to ↵Daniel Kahn Gillmor
list_primary_fingerprints()