From 78fe687a40613136c72bf3fcf16939d4415d4a1c Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 15 Aug 2008 16:51:35 -0400 Subject: fixing gen-subkey when no agent is present. --- debian/changelog | 3 ++- debian/control | 2 +- src/monkeysphere | 14 ++++++++++++-- .../bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn | 7 +++++++ 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/debian/changelog b/debian/changelog index 59aea1e..e6dfccd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,7 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * More monkeysphere-server diagnostics * monkeysphere --gen-subkey now guesses what KeyID you meant. * set up host-key revocation + * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey works [ Jameson Graef Rollins ] * fix another bug for when ssh key files are missing. @@ -15,7 +16,7 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * enabled host key publication. * added checking of gpg.conf for keyserver - -- Jameson Graef Rollins Fri, 15 Aug 2008 10:46:23 -0700 + -- Daniel Kahn Gillmor Fri, 15 Aug 2008 16:06:31 -0400 monkeysphere (0.7-1) experimental; urgency=low diff --git a/debian/control b/debian/control index 0b3d871..7fbcbc7 100644 --- a/debian/control +++ b/debian/control @@ -13,7 +13,7 @@ Format: 3.0 (git) Package: monkeysphere Architecture: any Depends: openssh-client, gnupg | gnupg2, coreutils (>= 6), moreutils, lockfile-progs, adduser, ${shlibs:Depends} -Recommends: netcat | socat +Recommends: netcat | socat, ssh-askpass Enhances: openssh-client, openssh-server Description: use the OpenPGP web of trust to verify ssh connections SSH key-based authentication is tried-and-true, but it lacks a true diff --git a/src/monkeysphere b/src/monkeysphere index 6d9e6c3..57597e2 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -48,7 +48,6 @@ EOF } # generate a subkey with the 'a' usage flags set -# FIXME: this needs some tweaking to clean it up gen_subkey(){ local keyLength local keyExpire @@ -163,7 +162,18 @@ EOF ) log "generating subkey..." - echo "$editCommands" | gpg --expert --command-fd 0 --edit-key "$keyID" + fifoDir=$(mktemp -d) + (umask 077 && mkfifo "$fifoDir/pass") + echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & + + if [ "$DISPLAY" ] && which ssh-askpass >/dev/null; then + ssh-askpass "Please enter your passphrase for $keyID: " > "$fifoDir/pass" + else + read -s -p "Please enter your passphrase for $keyID: " PASS + echo "$PASS" > "$fifoDir/pass" + fi + rm -rf "$fifoDir" + wait log "done." } diff --git a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn index 51cf57e..e97b49c 100644 --- a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn +++ b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn @@ -135,3 +135,10 @@ it. Alternately, we could use `--passwd-fd` and `ssh-agent`, along the lines i proposed [for handling passphrase-locked secret keys](/bugs/handle-passphrase-locked-secret-keys). + +--- + +[[bugs/done]] as of 2008-08-15 16:48:26-0400 (to be released in 0.8-1) + +I opted to go with the `ssh-askpass` route, and fall back to echoing +stuff to a fifo directly if `ssh-askpass` is not available. -- cgit v1.2.3 From c9acc1237d8e21d74fe7070af1b061c888664e8b Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 15 Aug 2008 17:19:58 -0400 Subject: noting that list-identity-certifiers should be running as a non-privileged user. --- website/bugs/list-id-certifiers-should-run-non-priv.mdwn | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 website/bugs/list-id-certifiers-should-run-non-priv.mdwn diff --git a/website/bugs/list-id-certifiers-should-run-non-priv.mdwn b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn new file mode 100644 index 0000000..3cbd1af --- /dev/null +++ b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn @@ -0,0 +1,15 @@ +[[meta title="list-identity-certfiers should run as the non-privileged user"]] + +Right now, `monkeysphere-server list-identity-certifiers` runs as the +superuser, and just lists the keys in the host's keyring. This might +not be the actual list of valid id certifiers, for a number of reasons: + +* the keys themselves might have been revoked by the owner + +* the id-certifiers might have been added with a different trust + level, or a regexp/domain limitation. + +It would make more sense to derive the list of trusted certifiers +directly from the keyrings as seen by the non-privileged +`monkeysphere` user, since this user's keyrings are what are going to +judge the validity of various user IDs. -- cgit v1.2.3