From 8714868fe12f15afc02ee84379b544774df35c15 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 20:42:49 -0400 Subject: initial pass at monkeysphere-server diagnostics (lots more to fill in!) --- debian/changelog | 6 +++ man/man8/monkeysphere-server.8 | 8 ++++ src/monkeysphere-server | 100 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 114 insertions(+) diff --git a/debian/changelog b/debian/changelog index 71ef1a8..fcf87f1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +monkeysphere (0.7-) UNRELEASED; urgency=low + + * Added monkeysphere-server diagnostics subcommand. + + -- Daniel Kahn Gillmor Thu, 31 Jul 2008 19:27:45 -0400 + monkeysphere (0.6-1) experimental; urgency=low [ Jameson Graef Rollins ] diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index d7710e5..527cae7 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -52,6 +52,14 @@ Show the fingerprint for the host's OpenPGP key. `f' may be used in place of Publish the host's OpenPGP key to the keyserver. `p' may be used in place of `publish-key'. .TP +.B diagnostics +Review the state of the server with respect to the MonkeySphere in +general and report on suggested changes. Among other checks, this +includes making sure there is a valid host key, that the key is +published, that the sshd configuration points to the right place, and +that there are at least some valid identity certifiers. `d' may be +used in place of `diagnostics'. +.TP .B add-identity-certifier KEYID Instruct system to trust user identity certifications made by KEYID. Using the `-n' or `--domain' option allows you to indicate that you diff --git a/src/monkeysphere-server b/src/monkeysphere-server index ce80059..98b60c0 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -45,6 +45,7 @@ subcommands: -r|--revoker FINGERPRINT add a revoker show-fingerprint (f) show server's host key fingerprint publish-key (p) publish server's host key to keyserver + diagnostics (d) report on the server's monkeysphere status add-identity-certifier (a) KEYID import and tsign a certification key -n|--domain DOMAIN limit ID certifications to IDs in DOMAIN () @@ -379,6 +380,101 @@ publish_server_key() { exit 255 } +diagnostics() { +# * check on the status and validity of the key and public certificates + local seckey + local keysfound + local keyexp + local curdate + local warnwindow + local warndate + + seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode) + keysfound=$(echo "$seckey" | grep -c ^sec:) + curdate=$(date +%s) + # warn when anything is 2 months away from expiration + warnwindow='2 months' + warndate=$(date +%s -d "$warnwindow") + + if (( "$keysfound" < 1 )); then + echo "No host key found!" + echo "Recommendation: run 'monkeysphere-server gen-key'" + else + if (( "$keysfound" > 1 )); then + echo "more than one host key found?" + else + # check for key expiration: + keyexp=$(echo "$seckey" | grep ^sec: | cut -f7 -d:) + if (( "$keyexp" < "$curdate" )); then + echo "Host key is expired!" + # FIXME: recommend a way to resolve this other than re-keying? + elif (( "$keyexp" < "$warndate" )); then + echo "Host key expires in less than $warnwindow" + # FIXME: recommend a way to resolve this? + fi + # and weirdnesses: + if (( $(echo "$seckey" | grep ^sec: | cut -f6 -d:) > "$curdate" )); then + echo "Host key was created in the future(?!). Is your clock correct?" + echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" + fi + + # check for UserID expiration: + echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \ + while IFS=: read create expire uid ; do + # FIXME: should we be doing any checking on the form + # of the User ID? Should we be unmangling it somehow? + if [ "$create" ] && (( "$create" > "$curdate" )); then + echo "User ID '$uid' was created in the future(?!). Is your clock correct?" + echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" + fi + if [ "$expire" ] ; then + if (( "$expire" < "$curdate" )); then + echo "User ID '$uid' is expired!" + # FIXME: recommend a way to resolve this + elif (( "$expire" < "$warndate" )); then + echo "User ID '$uid' expires in less than $warnwindow" + # FIXME: recommend a way to resolve this + fi + fi + done + +# FIXME: verify that the host key is properly published to the +# keyservers + +# FIXME: check that there are valid, non-expired certifying signatures +# attached to the host key + +# FIXME: propose adding a revoker to the host key if none exist (do we +# have a way to do that after key generation?) + +# Ensure that the ssh_host_rsa_key file is present and non-empty: + if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then + echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!" + else + if [ $(stat -c "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then + echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !" + fi + + # propose changes needed for sshd_config (if any) + if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then + echo "/etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." + echo "Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" + fi + fi + fi + fi + +# FIXME: look at the ownership/privileges of the various keyrings, +# directories housing them, etc (what should those values be? can +# we make them as minimal as possible?) + +# FIXME: look to see that the ownertrust rules are set properly on the +# authentication keyring + +# FIXME: make sure that at least one identity certifier exists + +} + # retrieve key from web of trust, import it into the host keyring, and # ltsign the key in the host keyring so that it may certify other keys add_certifier() { @@ -567,6 +663,10 @@ case $COMMAND in publish_server_key ;; + 'diagnostics'|'d') + diagnostics + ;; + 'add-identity-certifier'|'add-certifier'|'a') add_certifier "$1" ;; -- cgit v1.2.3 From 273eea44383e2f9e1621e0d6d8de429ffb624a6e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 20:49:18 -0400 Subject: fixed busted debian/changelog --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index fcf87f1..c81d844 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -monkeysphere (0.7-) UNRELEASED; urgency=low +monkeysphere (0.7-1) UNRELEASED; urgency=low * Added monkeysphere-server diagnostics subcommand. -- cgit v1.2.3 From 7c8dbbd047ba2d9f7f9669a28b307195dbe4716a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 20:54:20 -0400 Subject: limiting output of monkeysphere-server help (usage) to 80 columns --- src/monkeysphere-server | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 98b60c0..d70fe93 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -37,27 +37,26 @@ usage: $PGRM [options] [args] MonkeySphere server admin tool. subcommands: - update-users (u) [USER]... update user authorized_keys files - - gen-key (g) [HOSTNAME] generate gpg key for the server - -l|--length BITS key length in bits (2048) - -e|--expire EXPIRE date to expire - -r|--revoker FINGERPRINT add a revoker - show-fingerprint (f) show server's host key fingerprint - publish-key (p) publish server's host key to keyserver - diagnostics (d) report on the server's monkeysphere status - - add-identity-certifier (a) KEYID import and tsign a certification key - -n|--domain DOMAIN limit ID certifications to IDs in DOMAIN () - -t|--trust TRUST trust level of certifier (full) - -d|--depth DEPTH trust depth for certifier (1) - remove-identity-certifier (r) KEYID remove a certification key - list-identity-certifiers (l) list certification keys - - gpg-authentication-cmd CMD gnupg-authentication command - - help (h,?) this help - + update-users (u) [USER]... update user authorized_keys files + + gen-key (g) [HOSTNAME] generate gpg key for the server + -l|--length BITS key length in bits (2048) + -e|--expire EXPIRE date to expire + -r|--revoker FINGERPRINT add a revoker + show-fingerprint (f) show server's host key fingerprint + publish-key (p) publish server's host key to keyserver + diagnostics (d) report on the server's monkeysphere status + + add-identity-certifier (a) KEYID import and tsign a certification key + -n|--domain DOMAIN limit ID certifications to IDs in DOMAIN + -t|--trust TRUST trust level of certifier (full) + -d|--depth DEPTH trust depth for certifier (1) + remove-identity-certifier (r) KEYID remove a certification key + list-identity-certifiers (l) list certification keys + + gpg-authentication-cmd CMD gnupg-authentication command + + help (h,?) this help EOF } -- cgit v1.2.3 From 0b5404f0488d5ea642aec2e92988740af23d820d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 21:29:25 -0400 Subject: fixed broken invocation of stat --- src/monkeysphere-server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index d70fe93..03a4ccb 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -450,7 +450,7 @@ diagnostics() { if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!" else - if [ $(stat -c "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then + if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !" fi -- cgit v1.2.3 From 60931f1c182c6b163862c2eb34b48e459c51c23a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 21:44:18 -0400 Subject: be a little more helpful by printing out the actual expiration dates when things are expiring. --- src/monkeysphere-server | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 03a4ccb..16836b2 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -387,6 +387,9 @@ diagnostics() { local curdate local warnwindow local warndate + local create + local expire + local uid seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode) keysfound=$(echo "$seckey" | grep -c ^sec:) @@ -408,7 +411,7 @@ diagnostics() { echo "Host key is expired!" # FIXME: recommend a way to resolve this other than re-keying? elif (( "$keyexp" < "$warndate" )); then - echo "Host key expires in less than $warnwindow" + echo "Host key expires in less than $warnwindow:" $(date -d "$(( $keyexp - $curdate )) seconds" +%F) # FIXME: recommend a way to resolve this? fi # and weirdnesses: @@ -431,7 +434,7 @@ diagnostics() { echo "User ID '$uid' is expired!" # FIXME: recommend a way to resolve this elif (( "$expire" < "$warndate" )); then - echo "User ID '$uid' expires in less than $warnwindow" + echo "User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) # FIXME: recommend a way to resolve this fi fi -- cgit v1.2.3 From 3a1f327ccfa3bb1df72bdc03ea2336956647ec21 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 31 Jul 2008 19:01:52 -0700 Subject: Fix inaccurate comment in process_user_id function. --- src/common | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/common b/src/common index 1e8f23c..e281de4 100644 --- a/src/common +++ b/src/common @@ -319,8 +319,6 @@ process_user_id() { fi # loop over all lines in the gpg output and process. - # need to do it this way (as opposed to "while read...") so that - # variables set in loop will be visible outside of loop echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \ while IFS=: read -r type validity keyid uidfpr usage ; do # process based on record type -- cgit v1.2.3 From 91f299c44f20f913ac5309a67d6cf9162c101810 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 31 Jul 2008 22:41:29 -0400 Subject: properly handle host keys with no expiration date, store host key fingerprint for later use in diagnostics. --- src/monkeysphere-server | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 16836b2..db0fa97 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -383,15 +383,15 @@ diagnostics() { # * check on the status and validity of the key and public certificates local seckey local keysfound - local keyexp local curdate local warnwindow local warndate local create local expire local uid + local fingerprint - seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode) + seckey=$(gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode) keysfound=$(echo "$seckey" | grep -c ^sec:) curdate=$(date +%s) # warn when anything is 2 months away from expiration @@ -405,17 +405,22 @@ diagnostics() { if (( "$keysfound" > 1 )); then echo "more than one host key found?" else + create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:) + expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:) + fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:) # check for key expiration: - keyexp=$(echo "$seckey" | grep ^sec: | cut -f7 -d:) - if (( "$keyexp" < "$curdate" )); then - echo "Host key is expired!" + if [ "$expire" ]; then + if (( "$expire" < "$curdate" )); then + echo "Host key is expired!" # FIXME: recommend a way to resolve this other than re-keying? - elif (( "$keyexp" < "$warndate" )); then - echo "Host key expires in less than $warnwindow:" $(date -d "$(( $keyexp - $curdate )) seconds" +%F) + elif (( "$expire" < "$warndate" )); then + echo "Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) # FIXME: recommend a way to resolve this? + fi fi + # and weirdnesses: - if (( $(echo "$seckey" | grep ^sec: | cut -f6 -d:) > "$curdate" )); then + if [ "$create" ] && (( "$create" > "$curdate" )); then echo "Host key was created in the future(?!). Is your clock correct?" echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" fi @@ -425,6 +430,7 @@ diagnostics() { while IFS=: read create expire uid ; do # FIXME: should we be doing any checking on the form # of the User ID? Should we be unmangling it somehow? + if [ "$create" ] && (( "$create" > "$curdate" )); then echo "User ID '$uid' was created in the future(?!). Is your clock correct?" echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" @@ -441,10 +447,11 @@ diagnostics() { done # FIXME: verify that the host key is properly published to the -# keyservers +# keyservers (do this with the non-privileged user) # FIXME: check that there are valid, non-expired certifying signatures -# attached to the host key +# attached to the host key after fetching from the public keyserver +# (do this with the non-privileged user as well) # FIXME: propose adding a revoker to the host key if none exist (do we # have a way to do that after key generation?) -- cgit v1.2.3 From 8ec4e9b0a4a58aece8e5034324971ab40b25fa12 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 1 Aug 2008 14:49:02 -0700 Subject: some tweaks to output formatting for diagnostic command. --- src/monkeysphere-server | 97 +++++++++++++++++++++++++------------------------ 1 file changed, 49 insertions(+), 48 deletions(-) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index db0fa97..63c3668 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -398,53 +398,54 @@ diagnostics() { warnwindow='2 months' warndate=$(date +%s -d "$warnwindow") + echo "Checking host GPG key..." if (( "$keysfound" < 1 )); then - echo "No host key found!" - echo "Recommendation: run 'monkeysphere-server gen-key'" + echo "! No host key found." + echo " - Recommendation: run 'monkeysphere-server gen-key'" + elif (( "$keysfound" > 1 )); then + echo "! More than one host key found?" + # FIXME: recommend a way to resolve this else - if (( "$keysfound" > 1 )); then - echo "more than one host key found?" - else - create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:) - expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:) - fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:) + create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:) + expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:) + fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:) # check for key expiration: - if [ "$expire" ]; then - if (( "$expire" < "$curdate" )); then - echo "Host key is expired!" + if [ "$expire" ]; then + if (( "$expire" < "$curdate" )); then + echo "! Host key is expired." # FIXME: recommend a way to resolve this other than re-keying? - elif (( "$expire" < "$warndate" )); then - echo "Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) + elif (( "$expire" < "$warndate" )); then + echo "! Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) # FIXME: recommend a way to resolve this? - fi fi - + fi + # and weirdnesses: - if [ "$create" ] && (( "$create" > "$curdate" )); then - echo "Host key was created in the future(?!). Is your clock correct?" - echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" - fi + if [ "$create" ] && (( "$create" > "$curdate" )); then + echo "! Host key was created in the future(?!). Is your clock correct?" + echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?" + fi # check for UserID expiration: - echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \ - while IFS=: read create expire uid ; do - # FIXME: should we be doing any checking on the form - # of the User ID? Should we be unmangling it somehow? - - if [ "$create" ] && (( "$create" > "$curdate" )); then - echo "User ID '$uid' was created in the future(?!). Is your clock correct?" - echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?" - fi - if [ "$expire" ] ; then - if (( "$expire" < "$curdate" )); then - echo "User ID '$uid' is expired!" - # FIXME: recommend a way to resolve this - elif (( "$expire" < "$warndate" )); then - echo "User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) + echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \ + while IFS=: read create expire uid ; do + # FIXME: should we be doing any checking on the form + # of the User ID? Should we be unmangling it somehow? + + if [ "$create" ] && (( "$create" > "$curdate" )); then + echo "! User ID '$uid' was created in the future(?!). Is your clock correct?" + echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?" + fi + if [ "$expire" ] ; then + if (( "$expire" < "$curdate" )); then + echo "! User ID '$uid' is expired." # FIXME: recommend a way to resolve this - fi + elif (( "$expire" < "$warndate" )); then + echo "! User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F) + # FIXME: recommend a way to resolve this fi - done + fi + done # FIXME: verify that the host key is properly published to the # keyservers (do this with the non-privileged user) @@ -456,19 +457,19 @@ diagnostics() { # FIXME: propose adding a revoker to the host key if none exist (do we # have a way to do that after key generation?) -# Ensure that the ssh_host_rsa_key file is present and non-empty: - if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then - echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!" - else - if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then - echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !" - fi + # Ensure that the ssh_host_rsa_key file is present and non-empty: + echo "Checking host SSH key..." + if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then + echo "! The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty." + else + if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then + echo "! Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600." + fi - # propose changes needed for sshd_config (if any) - if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then - echo "/etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." - echo "Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" - fi + # propose changes needed for sshd_config (if any) + if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then + echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." + echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" fi fi fi -- cgit v1.2.3 From a7ccf57188892a050566025587009d153c39cfef Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 2 Aug 2008 12:26:26 -0700 Subject: Tried adding website to george. This may be non-ideal config, but it's a start. --- doc/george/changelog | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/doc/george/changelog b/doc/george/changelog index e49a053..873bc0d 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -4,8 +4,19 @@ * * ****************************************************************************** * Please add new entries in reverse chronological order whenever you make * -* changes to this system * +* changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-08-02 - jrollins + * aptitude update && aptitude dist-upgrade + * restarted cron, nullmailer, sshd + * aptitude install git-core ikiwiki + * adduser webmaster + * as webmaster, cloned jrollins git repo at ~webmaster/monkeysphere + * added post-commit hook to webmaster repo to update monkeysphere + ikiwiki at /srv/www. + * ran the post-commit script to generate pages, which are now + visible. + 2008-06-23 - dkg * added monkeysphere apt repository to /etc/apt/sources.list * added dkg's key to apt's list of trusted keys. @@ -27,7 +38,7 @@ /etc/default/ssh in order to make this error go away: "error writing /proc/self/oom_adj: Operation not permitted" (c.f. Debian #487325) - + 2008-06-20 - dkg * touched /etc/environment to get rid of some spurious auth.log entries. -- cgit v1.2.3 From c7a177b4b3a5b7e1add731bc5b6ed04b6163ccc2 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 2 Aug 2008 14:09:03 -0700 Subject: Update what I did on george, and made small change to website to test. --- doc/george/changelog | 14 +++++++++----- website/index.mdwn | 2 +- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/doc/george/changelog b/doc/george/changelog index 873bc0d..34fe9bb 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -11,11 +11,15 @@ * restarted cron, nullmailer, sshd * aptitude install git-core ikiwiki * adduser webmaster - * as webmaster, cloned jrollins git repo at ~webmaster/monkeysphere - * added post-commit hook to webmaster repo to update monkeysphere - ikiwiki at /srv/www. - * ran the post-commit script to generate pages, which are now - visible. + * su - webmaster + * created a bare repo at ~webmaster/monkeysphere.git. I then + pushed into this repo from my working directory on servo to verify + that it was accepting. + * cloned above repo at ~webmaster/monkeysphere + * created ~webmaster/ikiwiki.setup + * ikiwiki --setup ikiwiki.setup + * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net blows) + 2008-06-23 - dkg * added monkeysphere apt repository to /etc/apt/sources.list diff --git a/website/index.mdwn b/website/index.mdwn index 5c8a694..8038dd3 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -2,7 +2,7 @@ The Monkeysphere project's goal is to extend the web of trust model and other features of OpenPGP to other areas of the Internet to help us securely identify each other while we work online. -Specifically, the Monkeysphere is a framework to leverage the OpenPGP +Specifically, monkeysphere is a framework to leverage the OpenPGP web of trust for OpenSSH authentication. In other words, it allows you to use your OpenPGP keys when using secure shell to both identify yourself and the servers you administer or connect to. OpenPGP keys -- cgit v1.2.3 From 93824de5efefc2810c3c62b27e6e1240440cdd0c Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 2 Aug 2008 14:12:21 -0700 Subject: Update what I did on george --- doc/george/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/george/changelog b/doc/george/changelog index 34fe9bb..770a265 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -18,6 +18,7 @@ * cloned above repo at ~webmaster/monkeysphere * created ~webmaster/ikiwiki.setup * ikiwiki --setup ikiwiki.setup + * linked post-receive to new post-commit hook in monkeysphere.git * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net blows) -- cgit v1.2.3 From ce1111775aa0e23680932508c2b31e8091ff8beb Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 2 Aug 2008 16:41:46 -0700 Subject: Fix how file modification check is done, and fix accidental extraneous output. --- debian/changelog | 6 +++++- doc/george/changelog | 7 +++++-- src/common | 14 +++++++++++--- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/debian/changelog b/debian/changelog index c81d844..8bfd387 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,12 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low + [ Daniel Kahn Gillmor ] * Added monkeysphere-server diagnostics subcommand. - -- Daniel Kahn Gillmor Thu, 31 Jul 2008 19:27:45 -0400 + [ Jameson Graef Rollins ] + * fix how check for file modification is done. + + -- Jameson Graef Rollins Sat, 02 Aug 2008 16:41:20 -0700 monkeysphere (0.6-1) experimental; urgency=low diff --git a/doc/george/changelog b/doc/george/changelog index 770a265..45834d6 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -19,8 +19,11 @@ * created ~webmaster/ikiwiki.setup * ikiwiki --setup ikiwiki.setup * linked post-receive to new post-commit hook in monkeysphere.git - * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net blows) - + * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net + blows) + * updated /etc/skel with ssh and monkeysphere stuff + * made authorzied_user_ids file for webmaster and ran + "monkeysphere-server u webmaster". 2008-06-23 - dkg * added monkeysphere apt repository to /etc/apt/sources.list diff --git a/src/common b/src/common index e281de4..ba7df73 100644 --- a/src/common +++ b/src/common @@ -498,6 +498,7 @@ update_known_hosts() { local nHosts local nHostsOK local nHostsBAD + local fileCheck local host # the number of hosts specified on command line @@ -512,6 +513,9 @@ update_known_hosts() { # create a lockfile on known_hosts lockfile-create "$KNOWN_HOSTS" + # note pre update file checksum + fileCheck=$(md5sum "$KNOWN_HOSTS") + for host ; do # process the host process_host_known_hosts "$host" @@ -533,7 +537,7 @@ update_known_hosts() { lockfile-remove "$KNOWN_HOSTS" # note if the known_hosts file was updated - if [ "$nHostsOK" -gt 0 -o "$nHostsBAD" -gt 0 ] ; then + if [ "$(md5sum "$KNOWN_HOSTS")" != "$fileCheck" ] ; then log "known_hosts file updated." fi @@ -634,6 +638,7 @@ update_authorized_keys() { local nIDs local nIDsOK local nIDsBAD + local fileCheck # the number of ids specified on command line nIDs="$#" @@ -647,6 +652,9 @@ update_authorized_keys() { # create a lockfile on authorized_keys lockfile-create "$AUTHORIZED_KEYS" + # note pre update file checksum + fileCheck=$(md5sum "$AUTHORIZED_KEYS") + for userID ; do # process the user ID, change return code if key not found for # user ID @@ -670,7 +678,7 @@ update_authorized_keys() { lockfile-remove "$AUTHORIZED_KEYS" # note if the authorized_keys file was updated - if [ "$nIDsOK" -gt 0 -o "$nIDsBAD" -gt 0 ] ; then + if [ "$(md5sum "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then log "authorized_keys file updated." fi @@ -700,7 +708,7 @@ process_authorized_user_ids() { log "processing authorized_user_ids file..." - if ! meat "$authorizedUserIDs" ; then + if ! meat "$authorizedUserIDs" > /dev/null ; then log "no user IDs to process." return fi -- cgit v1.2.3 From 8e1439bc18f8203d71c1237a25c21374ca17c38c Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 3 Aug 2008 00:10:28 -0700 Subject: rework out user id processing is done to provide better diagnostic output. --- debian/changelog | 4 +++- src/common | 56 +++++++++++++++++++++++++++++++++++++------------------- 2 files changed, 40 insertions(+), 20 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8bfd387..3e7abb8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,8 +5,10 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low [ Jameson Graef Rollins ] * fix how check for file modification is done. + * rework out user id processing is done to provide more verbose log + output. - -- Jameson Graef Rollins Sat, 02 Aug 2008 16:41:20 -0700 + -- Jameson Graef Rollins Sun, 03 Aug 2008 00:00:06 -0700 monkeysphere (0.6-1) experimental; urgency=low diff --git a/src/common b/src/common index ba7df73..f5bb3bb 100644 --- a/src/common +++ b/src/common @@ -314,7 +314,7 @@ process_user_id() { # if the gpg query return code is not 0, return 1 if [ "$?" -ne 0 ] ; then - log " - key not found." + log " no primary keys found." return 1 fi @@ -377,10 +377,19 @@ process_user_id() { # output a line for the primary key # 0 = ok, 1 = bad if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then - log " * acceptable key found." - echo "0:${fingerprint}" + log " * acceptable primary key." + if [ -z "$sshKey" ] ; then + log " ! primary key could not be translated." + else + echo "0:${sshKey}" + fi else - echo "1:${fingerprint}" + log " - unacceptable primary key." + if [ -z "$sshKey" ] ; then + log " ! primary key could not be translated." + else + echo "1:${sshKey}" + fi fi ;; 'sub') # sub keys @@ -404,18 +413,29 @@ process_user_id() { 'fpr') # key fingerprint fingerprint="$uidfpr" + sshKey=$(gpg2ssh "$fingerprint") + # if the last key was the pub key, skip if [ "$lastKey" = pub ] ; then continue fi - - # output a line for the last subkey + + # output a line for the primary key # 0 = ok, 1 = bad if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then - log " * acceptable key found." - echo "0:${fingerprint}" + log " * acceptable sub key." + if [ -z "$sshKey" ] ; then + log " ! sub key could not be translated." + else + echo "0:${sshKey}" + fi else - echo "1:${fingerprint}" + log " - unacceptable sub key." + if [ -z "$sshKey" ] ; then + log " ! sub key could not be translated." + else + echo "1:${sshKey}" + fi fi ;; esac @@ -429,28 +449,27 @@ process_host_known_hosts() { local nKeys local nKeysOK local ok - local keyid + local sshKey local tmpfile host="$1" - log "processing host: $host" + log "processing: $host" userID="ssh://${host}" nKeys=0 nKeysOK=0 + IFS=$'\n' for line in $(process_user_id "ssh://${host}") ; do # note that key was found nKeys=$((nKeys+1)) ok=$(echo "$line" | cut -d: -f1) - keyid=$(echo "$line" | cut -d: -f2) + sshKey=$(echo "$line" | cut -d: -f2) - sshKey=$(gpg2ssh "$keyid") if [ -z "$sshKey" ] ; then - log " ! key could not be translated." continue fi @@ -582,25 +601,24 @@ process_uid_authorized_keys() { local nKeys local nKeysOK local ok - local keyid + local sshKey userID="$1" - log "processing user ID: $userID" + log "processing: $userID" nKeys=0 nKeysOK=0 + IFS=$'\n' for line in $(process_user_id "$userID") ; do # note that key was found nKeys=$((nKeys+1)) ok=$(echo "$line" | cut -d: -f1) - keyid=$(echo "$line" | cut -d: -f2) + sshKey=$(echo "$line" | cut -d: -f2) - sshKey=$(gpg2ssh "$keyid") if [ -z "$sshKey" ] ; then - log " ! key could not be translated." continue fi -- cgit v1.2.3 From dbbd1bd42f084dfe780f18875c6f36eb6d4f33b1 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 3 Aug 2008 00:55:19 -0700 Subject: - Fixed bug in monkeysphere update-authorized_keys subcommand that had been preventing disallowed user ids from being properly removed from authorized_keys file. - Fixed file md5sum checking. --- debian/changelog | 4 ++- man/man1/monkeysphere.1 | 23 +++++++-------- src/common | 75 +++++++++++++++++++------------------------------ 3 files changed, 44 insertions(+), 58 deletions(-) diff --git a/debian/changelog b/debian/changelog index 3e7abb8..b03e0e4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,8 +7,10 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low * fix how check for file modification is done. * rework out user id processing is done to provide more verbose log output. + * fix bug in monkeysphpere update-authorized_keys subcommand where + disallowed keys failed to be remove from authorized_keys file. - -- Jameson Graef Rollins Sun, 03 Aug 2008 00:00:06 -0700 + -- Jameson Graef Rollins Sun, 03 Aug 2008 00:55:05 -0700 monkeysphere (0.6-1) experimental; urgency=low diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 1d1c0e5..43e3fd5 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -37,17 +37,18 @@ if matching keys were found but none were acceptable. `k' may be used in place of `update-known_hosts'. .TP .B update-authorized_keys -Update the authorized_keys file. For each user ID in the user's -authorized_user_ids file, gpg will be queried for keys associated with -that user ID, optionally querying a keyserver. If an acceptable key -is found (see KEY ACCEPTABILITY in monkeysphere(5)), the key is added -to the user's authorized_keys file. If a key is found but is -unacceptable for the user ID, any matching keys are removed from the -user's authorized_keys file. If no gpg key is found for the user ID, -nothing is done. This subcommand will exit with a status of 0 if at -least one acceptable key was found for a user ID, 1 if no matching -keys were found at all, and 2 if matching keys were found but none -were acceptable. `a' may be used in place of +Update the authorized_keys file. First all monkeysphere keys are +cleared from the authorized_keys file. Then, for each user ID in the +user's authorized_user_ids file, gpg will be queried for keys +associated with that user ID, optionally querying a keyserver. If an +acceptable key is found (see KEY ACCEPTABILITY in monkeysphere(5)), +the key is added to the user's authorized_keys file. If a key is +found but is unacceptable for the user ID, any matching keys are +removed from the user's authorized_keys file. If no gpg key is found +for the user ID, nothing is done. This subcommand will exit with a +status of 0 if at least one acceptable key was found for a user ID, 1 +if no matching keys were found at all, and 2 if matching keys were +found but none were acceptable. `a' may be used in place of `update-authorized_keys'. .TP .B gen-subkey KEYID diff --git a/src/common b/src/common index f5bb3bb..3966705 100644 --- a/src/common +++ b/src/common @@ -83,6 +83,10 @@ remove_line() { return 1 fi + if [ ! -e "$file" ] ; then + return 1 + fi + # if the string is in the file... if grep -q -F "$string" "$file" 2> /dev/null ; then # remove the line with the string, and return 0 @@ -94,6 +98,24 @@ remove_line() { fi } +# remove all lines with MonkeySphere strings in file +remove_monkeysphere_lines() { + local file + + file="$1" + + if [ -z "$file" ] ; then + return 1 + fi + + if [ ! -e "$file" ] ; then + return 1 + fi + + egrep -v '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}$' \ + "$file" | sponge "$file" +} + # translate ssh-style path variables %h and %u translate_ssh_variables() { local uname @@ -533,7 +555,7 @@ update_known_hosts() { lockfile-create "$KNOWN_HOSTS" # note pre update file checksum - fileCheck=$(md5sum "$KNOWN_HOSTS") + fileCheck="$(cat "$KNOWN_HOSTS" | md5sum)" for host ; do # process the host @@ -556,7 +578,7 @@ update_known_hosts() { lockfile-remove "$KNOWN_HOSTS" # note if the known_hosts file was updated - if [ "$(md5sum "$KNOWN_HOSTS")" != "$fileCheck" ] ; then + if [ "$(cat "$KNOWN_HOSTS" | md5sum)" != "$fileCheck" ] ; then log "known_hosts file updated." fi @@ -671,7 +693,10 @@ update_authorized_keys() { lockfile-create "$AUTHORIZED_KEYS" # note pre update file checksum - fileCheck=$(md5sum "$AUTHORIZED_KEYS") + fileCheck="$(cat "$AUTHORIZED_KEYS" | md5sum)" + + # remove any monkeysphere lines from authorized_keys file + remove_monkeysphere_lines "$AUTHORIZED_KEYS" for userID ; do # process the user ID, change return code if key not found for @@ -696,7 +721,7 @@ update_authorized_keys() { lockfile-remove "$AUTHORIZED_KEYS" # note if the authorized_keys file was updated - if [ "$(md5sum "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then + if [ "$(cat "$AUTHORIZED_KEYS" | md5sum)" != "$fileCheck" ] ; then log "authorized_keys file updated." fi @@ -742,45 +767,3 @@ process_authorized_user_ids() { update_authorized_keys "${userIDs[@]}" } - -# EXPERIMENTAL (unused) process userids found in authorized_keys file -# go through line-by-line, extract monkeysphere userids from comment -# fields, and process each userid -# NOT WORKING -process_authorized_keys() { - local authorizedKeys - local userID - local returnCode - - # default return code is 0, and is set to 1 if a key for a user - # is not found - returnCode=0 - - authorizedKeys="$1" - - # take all the monkeysphere userids from the authorized_keys file - # comment field (third field) that starts with "MonkeySphere uid:" - # FIXME: needs to handle authorized_keys options (field 0) - meat "$authorizedKeys" | \ - while read -r options keytype key comment ; do - # if the comment field is empty, assume the third field was - # the comment - if [ -z "$comment" ] ; then - comment="$key" - fi - - if echo "$comment" | egrep -v -q '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}' ; then - continue - fi - userID=$(echo "$comment" | awk "{ print $2 }") - if [ -z "$userID" ] ; then - continue - fi - - # process the userid - log "processing userid: '$userID'" - process_user_id "$userID" > /dev/null || returnCode=1 - done - - return "$returnCode" -} -- cgit v1.2.3 From 70ea3b65d8269ae25996921c37ae8bced59eb092 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 3 Aug 2008 10:20:03 -0700 Subject: More tweaks to the website. --- website/dev.mdwn | 13 ------------- website/download.mdwn | 28 +++++++++++++++++++--------- website/index.mdwn | 3 +-- 3 files changed, 20 insertions(+), 24 deletions(-) delete mode 100644 website/dev.mdwn diff --git a/website/dev.mdwn b/website/dev.mdwn deleted file mode 100644 index b149f9c..0000000 --- a/website/dev.mdwn +++ /dev/null @@ -1,13 +0,0 @@ -# Monkeysphere Development # - -The Monkeysphere is attempting to use a completely distributed -development model. Please feel free to clone any of our developer git -repositories, and send patches, modifications, or merge requests to -any of the upstream developers. - -## Contacts ## - -Please feel free to contact any of the Monkeysphere developers with -any questions, comments, bug reports, requests, etc: - -Jameson Graef Rollins diff --git a/website/download.mdwn b/website/download.mdwn index c2033a4..947b171 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -1,4 +1,4 @@ -##Downloading and Installing## +## Downloading and Installing ## If you are running a Debian system, you can install Monkeysphere by following these directions: @@ -13,14 +13,24 @@ The repository is currently signed by [Daniel Kahn Gillmor's OpenPGP key](http:/ (fingerprint: `0EE5 BE97 9282 D80B 9F75 40F1 CCD2 ED94 D217 39E9`). To cryptographically verify the packages, you'll want to [add `dkg`'s key to your apt configuration](http://cmrg.fifthhorseman.net/wiki/apt/importing-keys "Instructions for adding dkg's key to apt") -##git repositories## +## git repositories ## -Development is done in an extremely distributed manner using -[git](http://git.or.cz/). Once you've -[installed git](http://www.spheredev.org/wiki/Git_for_the_lazy), you can -clone the repository by doing +The Monkeysphere is attempting to use a completely distributed +development model with [git](http://git.or.cz/). Once you've +[installed git](http://www.spheredev.org/wiki/Git_for_the_lazy), you +can [git +clone](http://www.kernel.org/pub/software/scm/git/docs/git-clone.html) +any of the developer repositories: - git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git/ monkeysphere +Jameson Graef Rollins : -Other developers have their own repositories, which you can substitute -for dkg's if you like. + git clone http://lair.fifthhorseman.net/~jrollins/git/monkeysphere.git monkeysphere + +dkg: + + git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere + +## Contact ## + +Please feel free to contact any of the Monkeysphere developers with +any questions, comments, bug reports, requests, etc. diff --git a/website/index.mdwn b/website/index.mdwn index 8038dd3..853c75b 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -9,8 +9,7 @@ yourself and the servers you administer or connect to. OpenPGP keys are tracked via GnuPG, and managed in the `known_hosts` and `authorized_keys` files used by OpenSSH for connection authentication. -[[bugs]] | [[download]] | [[news]] | [[documentation|doc]] | -[[development|dev]] +[[bugs]] | [[download]] | [[news]] | [[documentation|doc]] ## Conceptual overview ## -- cgit v1.2.3 From 85165312ef23dcf1ae6b1ac9eb2e907400d30ace Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 18:58:19 -0400 Subject: some notes about george, added my full contact info to the download page of the web site. --- doc/george/changelog | 6 ++++++ website/download.mdwn | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/doc/george/changelog b/doc/george/changelog index 45834d6..9cc628a 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -6,6 +6,12 @@ * Please add new entries in reverse chronological order whenever you make * * changes to this system (first command at top, last at bottom) * ****************************************************************************** + +2008-08-03 - dkg + * aptitude update && aptitude dist-upgrade + * installed iproute + * added my User ID to ~webmaster/.config/monkeysphere/authorized_user_ids + 2008-08-02 - jrollins * aptitude update && aptitude dist-upgrade * restarted cron, nullmailer, sshd diff --git a/website/download.mdwn b/website/download.mdwn index 947b171..9a4c88e 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -20,13 +20,13 @@ development model with [git](http://git.or.cz/). Once you've [installed git](http://www.spheredev.org/wiki/Git_for_the_lazy), you can [git clone](http://www.kernel.org/pub/software/scm/git/docs/git-clone.html) -any of the developer repositories: +any of the developer repositories, including: Jameson Graef Rollins : git clone http://lair.fifthhorseman.net/~jrollins/git/monkeysphere.git monkeysphere -dkg: +Daniel Kahn Gillmor : git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere -- cgit v1.2.3 From 0f2f84aac32441de6323bd3fa3607a2aeed410e9 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 19:10:24 -0400 Subject: updated monkeysphere update-authorized_keys explanation in monkeysphere.1 --- man/man1/monkeysphere.1 | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 43e3fd5..fe4fd36 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -37,18 +37,19 @@ if matching keys were found but none were acceptable. `k' may be used in place of `update-known_hosts'. .TP .B update-authorized_keys -Update the authorized_keys file. First all monkeysphere keys are -cleared from the authorized_keys file. Then, for each user ID in the -user's authorized_user_ids file, gpg will be queried for keys -associated with that user ID, optionally querying a keyserver. If an -acceptable key is found (see KEY ACCEPTABILITY in monkeysphere(5)), -the key is added to the user's authorized_keys file. If a key is -found but is unacceptable for the user ID, any matching keys are -removed from the user's authorized_keys file. If no gpg key is found -for the user ID, nothing is done. This subcommand will exit with a -status of 0 if at least one acceptable key was found for a user ID, 1 -if no matching keys were found at all, and 2 if matching keys were -found but none were acceptable. `a' may be used in place of +Update the authorized_keys file for the user executing the command +(see MONKEYSPHERE_AUTHORIZED_KEYS in ENVIRONMENT, below). First all +monkeysphere keys are cleared from the authorized_keys file. Then, or +each user ID in the user's authorized_user_ids file, gpg will be +queried for keys associated with that user ID, optionally querying a +keyserver. If an acceptable key is found (see KEY ACCEPTABILITY in +monkeysphere(5)), the key is added to the user's authorized_keys file. +If a key is found but is unacceptable for the user ID, any matching +keys are removed from the user's authorized_keys file. If no gpg key +is found for the user ID, nothing is done. This subcommand will exit +with a status of 0 if at least one acceptable key was found for a user +ID, 1 if no matching keys were found at all, and 2 if matching keys +were found but none were acceptable. `a' may be used in place of `update-authorized_keys'. .TP .B gen-subkey KEYID -- cgit v1.2.3 From 6ea9ff35aec29b82ade293487797a2314b19f921 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 19:32:49 -0400 Subject: update download page to be more readable and linky --- website/download.mdwn | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/download.mdwn b/website/download.mdwn index 9a4c88e..2f41c88 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -22,11 +22,11 @@ can [git clone](http://www.kernel.org/pub/software/scm/git/docs/git-clone.html) any of the developer repositories, including: -Jameson Graef Rollins : +[mailto:jrollins@phys.columbia.edu](Jameson Graef Rollins): git clone http://lair.fifthhorseman.net/~jrollins/git/monkeysphere.git monkeysphere -Daniel Kahn Gillmor : +[http://cmrg.fifthhorseman.net/wiki/dkg](Daniel Kahn Gillmor): git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere -- cgit v1.2.3 From e25d4efcb9b4f8d1f23014fc3a61bee088514665 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 19:34:00 -0400 Subject: one of these days i will learn markdown properly --- website/download.mdwn | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/download.mdwn b/website/download.mdwn index 2f41c88..006654d 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -22,11 +22,11 @@ can [git clone](http://www.kernel.org/pub/software/scm/git/docs/git-clone.html) any of the developer repositories, including: -[mailto:jrollins@phys.columbia.edu](Jameson Graef Rollins): +[Jameson Graef Rollins](mailto:jrollins@phys.columbia.edu): git clone http://lair.fifthhorseman.net/~jrollins/git/monkeysphere.git monkeysphere -[http://cmrg.fifthhorseman.net/wiki/dkg](Daniel Kahn Gillmor): +[Daniel Kahn Gillmor](http://cmrg.fifthhorseman.net/wiki/dkg): git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere -- cgit v1.2.3 From 405fb7c3c93c4cef1f08a3edc9ea0d31c7a6df57 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 20:32:59 -0400 Subject: adding a new bug about the interaction between HostKeyAlias and monkeysphere-ssh-proxycommand --- .../bugs/hostkeyalias-confuses-monkeysphere.mdwn | 28 ++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 website/bugs/hostkeyalias-confuses-monkeysphere.mdwn diff --git a/website/bugs/hostkeyalias-confuses-monkeysphere.mdwn b/website/bugs/hostkeyalias-confuses-monkeysphere.mdwn new file mode 100644 index 0000000..4f7df66 --- /dev/null +++ b/website/bugs/hostkeyalias-confuses-monkeysphere.mdwn @@ -0,0 +1,28 @@ +Consider the following snippet in `~/.ssh/config`: + + Host foo + HostKeyAlias bar + +for a host which is *not* participating in the monkeysphere. + +For such a host, when using `monkeysphere-ssh-proxy-command`, the +public keyservers will be queried on each attempted ssh connection +(even after a successful connection). + +This appears to be because: + +* `ssh` itself will write a line to `~/.ssh/known_hosts`, but it will + be labeled with `bar` because of the `HostKeyAlias`. + +* `monkeysphere` won't be able to find any mention of it in the + keyring (it's not in the monkeysphere) + +* `monkeysphere-ssh-proxycommand` won't be able to find it in the + `known_hosts` file because it looks for `foo`, which is never + matched. + +excessive keyserver querying is bad behavior, because it causes delays +for the users, and puts excessive load on the public keyserver +infrastructure. + +How can we resolve this? -- cgit v1.2.3 From 2f307758d083304bfddd8a8260dbf5b957a00d39 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 21:05:56 -0400 Subject: added new bug about hashed known hosts. --- ...known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn diff --git a/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn b/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn new file mode 100644 index 0000000..f676937 --- /dev/null +++ b/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn @@ -0,0 +1,10 @@ +In `~/.ssh/config`, i have: + + HashKnownHosts No + +But when `monkeysphere-ssh-proxycommand` adds new hosts to +`~/.ssh/known_hosts`, they appear to be added in a hashed form, +instead of in the clear. + +fwiw: i'm using OpenSSH 5.1p1 on a debian lenny system (backported +from sid) -- cgit v1.2.3 From 3bcce75f26d00044380904f462d37d7b851cf3b7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 21:09:37 -0400 Subject: adding new bug about behavior with no pty. --- .../add-identity-certifier-behaves-oddly-without-pty.mdwn | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 website/bugs/add-identity-certifier-behaves-oddly-without-pty.mdwn diff --git a/website/bugs/add-identity-certifier-behaves-oddly-without-pty.mdwn b/website/bugs/add-identity-certifier-behaves-oddly-without-pty.mdwn new file mode 100644 index 0000000..1962fe5 --- /dev/null +++ b/website/bugs/add-identity-certifier-behaves-oddly-without-pty.mdwn @@ -0,0 +1,15 @@ +When executing `monkeysphere-server add-identity-certifier` across a +link without a pseudo-terminal, it behaves oddly (prompts are created +that are only halfway-readable, gpg gives error messages about lacking +access to a `/dev/tty`, etc. + +You can try this directly if you have remote ssh access to the +superuser on a monkeysphere-enabled host, assuming that `$GPGID` is +set to the full fingerprint of a key you want to add as a trusted +identity certifier: + + ssh root@example.org monkeysphere-server add-identity-certifier $GPGID + +Compare this behavior with: + + ssh -t root@example.org monkeysphere-server add-identity-certifier $GPGID -- cgit v1.2.3 From 0d1b53f4f26133fa27f50c418b6b3e7dbe6e8a79 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 3 Aug 2008 21:14:36 -0400 Subject: tidying up bug report about hashed known hosts --- ...known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn | 10 ---------- .../bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn | 10 ++++++++++ 2 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn create mode 100644 website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn diff --git a/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn b/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn deleted file mode 100644 index f676937..0000000 --- a/website/bugs/monkeysphere-adds-hashed-known_hosts-lines-contrary-to-HashKnownHosts-directive.mdwn +++ /dev/null @@ -1,10 +0,0 @@ -In `~/.ssh/config`, i have: - - HashKnownHosts No - -But when `monkeysphere-ssh-proxycommand` adds new hosts to -`~/.ssh/known_hosts`, they appear to be added in a hashed form, -instead of in the clear. - -fwiw: i'm using OpenSSH 5.1p1 on a debian lenny system (backported -from sid) diff --git a/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn b/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn new file mode 100644 index 0000000..6b5b53d --- /dev/null +++ b/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn @@ -0,0 +1,10 @@ +In `~/.ssh/config`, i have: + + HashKnownHosts No + +But when `monkeysphere-ssh-proxycommand` adds new hosts to +`~/.ssh/known_hosts`, they appear to be added in a hashed form, +instead of in the clear. + +fwiw: i'm using OpenSSH 5.1p1 on a debian lenny system (backported +from sid) -- cgit v1.2.3 From f6045145671c3adae0b573c075e4703d6a361c4a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 4 Aug 2008 10:50:48 -0400 Subject: transitioning package to git source format. --- debian/changelog | 3 ++- debian/control | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index b03e0e4..e686d7c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low [ Daniel Kahn Gillmor ] * Added monkeysphere-server diagnostics subcommand. + * rebuilding package from git repo [ Jameson Graef Rollins ] * fix how check for file modification is done. @@ -10,7 +11,7 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low * fix bug in monkeysphpere update-authorized_keys subcommand where disallowed keys failed to be remove from authorized_keys file. - -- Jameson Graef Rollins Sun, 03 Aug 2008 00:55:05 -0700 + -- Daniel Kahn Gillmor Mon, 04 Aug 2008 10:47:41 -0400 monkeysphere (0.6-1) experimental; urgency=low diff --git a/debian/control b/debian/control index 3b2d5d0..7b5115d 100644 --- a/debian/control +++ b/debian/control @@ -8,6 +8,7 @@ Standards-Version: 3.8.0.1 Homepage: http://monkeysphere.info/ Vcs-Git: http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git Dm-Upload-Allowed: yes +Format: 3.0 (git) Package: monkeysphere Architecture: any -- cgit v1.2.3 From be55c00db6f950311f9a517cbb079cd86dae4b1f Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 4 Aug 2008 11:02:20 -0400 Subject: tidy up debian/changelog in preparation for 0.7-1 release. --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index e686d7c..9c51e91 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,8 @@ -monkeysphere (0.7-1) UNRELEASED; urgency=low +monkeysphere (0.7-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * Added monkeysphere-server diagnostics subcommand. - * rebuilding package from git repo + * rebuilding package using Format: 3.0 (git) [ Jameson Graef Rollins ] * fix how check for file modification is done. -- cgit v1.2.3 From 515d8eb967427b04506041dfaea60ea155e79f47 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 4 Aug 2008 11:28:35 -0400 Subject: added news about release of 0.7-1 --- website/news/release-0.7-1.mdwn | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 website/news/release-0.7-1.mdwn diff --git a/website/news/release-0.7-1.mdwn b/website/news/release-0.7-1.mdwn new file mode 100644 index 0000000..1d744e5 --- /dev/null +++ b/website/news/release-0.7-1.mdwn @@ -0,0 +1,6 @@ +# MonkeySphere 0.7-1 released! # + +MonkeySphere 0.7-1 has been released. This release contains bugfixes, +a new `monkeysphere-server diagnostics` subcommand, and marks a +transition to the new [Git-based debian packaging +format](http://wiki.debian.org/GitSrc). [[download]] it now! -- cgit v1.2.3