From 56aa562e2079a33904840dce37605e2f25048f99 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 27 Aug 2008 00:04:01 -0400 Subject: draft of prospective d-a.org (and hence planet.debian.org) announcement. --- doc/announcement.html | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 doc/announcement.html (limited to 'doc') diff --git a/doc/announcement.html b/doc/announcement.html new file mode 100644 index 0000000..489dae5 --- /dev/null +++ b/doc/announcement.html @@ -0,0 +1,53 @@ + + + + +Announcing the Monkeysphere + + + + + +

Monkeysphere: an OpenPGP-based PKI for SSH

+ +

Ever thought that there should be an automated way to handle ssh +keys? Do you know the administrators of your servers, and wish that +SSH could verify new host keys from them automatically, based on your +personal connections to the web-of-trust? Do you wish you could +revoke and rotate your old SSH authentication keys without having to +log into every single machine?

+ +

Do you administer servers, and wish you could re-key them without +sowing massive pain and confusion among your users (or worse, +encouraging bad security habits among them)? Do you wish you could +identify the users to grant access by name, instead of by opaque +string? Do you wish you could rapidly grant or revoke access to a +user across a group of machines by enabling or disabling +authentication for that user?

+ +

A group of us have been working on a public key infrastructure for +SSH. Monkeysphere makes use of +the existing OpenPGP web-of-trust to fetch and cryptographically +validate (and revoke!) keys. This works in either directions: both +authorized_keys and known_hosts are +handled. Monkeysphere gives users and admins tools to deal with SSH +keys by thinking about the people and machines to whom the keys +belong, instead of requiring humans to do tedious (and error-prone) +manual key verification.

+ +

We have debian packages +available which should install against lenny, a mailing +list, and open ears for good questions, suggestions and +criticism.

+ +

If you have a chance to give it a try (as a user +or as an admin), it would be great to get +feedback.

+ + -- cgit v1.2.3