From 617f03c948b66774e6765206bed2c56d30157187 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 15 Aug 2008 14:44:18 -0400 Subject: first pass at revoking hostnames. --- src/monkeysphere-server | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 023ce9b..6ffd41f 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -402,11 +402,41 @@ EOF # revoke hostname user ID to server key revoke_hostname() { + local msg + local uidNum + local tmpuidMatch + local fpr + local linenum + if [ -z "$1" ] ; then failure "You must specify a hostname to revoke." fi - failure "Sorry, not yet implemented." + fpr=$(fingerprint_server_key) + tmpuidMatch="u:$(escape "$1")" + + if linenum=$(gpg_host --list-keys --with-colons --fixed-list-mode "$fpr" | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F 'r:Foo T. Bar (DO NOT USE!) ') ; then + uidNum=${linenum%%:*} + else + failure "no non-revoked hostname '$1' is listed." + fi + + msg="hostname removed by monkeysphere-server on $(date +%F)" + + + revuidCommand=$(cat < Date: Fri, 15 Aug 2008 14:58:34 -0400 Subject: sigh. fixing some dumb typos in hostname revocation. --- src/monkeysphere-server | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 6ffd41f..dd85dcc 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -413,9 +413,9 @@ revoke_hostname() { fi fpr=$(fingerprint_server_key) - tmpuidMatch="u:$(escape "$1")" + tmpuidMatch="u:$(escape "ssh://$1")" - if linenum=$(gpg_host --list-keys --with-colons --fixed-list-mode "$fpr" | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F 'r:Foo T. Bar (DO NOT USE!) ') ; then + if linenum=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x$fpr"\! | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F "$tmpuidMatch") ; then uidNum=${linenum%%:*} else failure "no non-revoked hostname '$1' is listed." @@ -436,7 +436,7 @@ save EOF ) - echo "$revuidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x$fingerprint"\! + echo "$revuidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x$fpr"\! echo "NOTE: host userID revokation has not been published." echo "Use '$PGRM publish-key' to publish these changes." -- cgit v1.2.3 From b0ea15c8e359a908583e08da0663d69e353c77dc Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 15 Aug 2008 15:24:34 -0400 Subject: fixing bugs in monkeysphere-server diagnostics. --- src/monkeysphere-server | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index dd85dcc..2b9b744 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -468,7 +468,10 @@ diagnostics() { local uid local fingerprint local badhostkeys + local sshd_config + # FIXME: what's the correct, cross-platform answer? + sshd_config=/etc/ssh/sshd_config seckey=$(fingerprint_server_key) keysfound=$(echo "$seckey" | grep -c ^sec:) curdate=$(date +%s) @@ -545,14 +548,14 @@ diagnostics() { fi # propose changes needed for sshd_config (if any) - if ! grep -q "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then - echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." - echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" + if ! grep -q "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$" "$sshd_config"; then + echo "! $sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." + echo " - Recommendation: add a line to $sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" fi - if badhostkeys=$(grep -i '^HostKey' | grep -q -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then + if badhostkeys=$(grep -i '^HostKey' "$sshd_config" | grep -q -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then echo "! /etc/sshd_config refers to some non-monkeysphere host keys:" echo "$badhostkeys" - echo " - Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config" + echo " - Recommendation: remove the above HostKey lines from $sshd_config" fi fi fi @@ -568,14 +571,14 @@ diagnostics() { echo "Checking for MonkeySphere-enabled public-key authentication for users ..." # Ensure that User ID authentication is enabled: - if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" /etc/ssh/sshd_config; then - echo "! /etc/ssh/sshd_config does not point to monkeysphere authorized keys." - echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'" + if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" "$sshd_config"; then + echo "! $sshd_config does not point to monkeysphere authorized keys." + echo " - Recommendation: add a line to $sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'" fi - if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' | grep -q -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then + if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' "$sshd_config" | grep -q -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then echo "! /etc/sshd_config refers to non-monkeysphere authorized_keys files:" echo "$badauthorizedkeys" - echo " - Recommendation: remove the above AuthorizedKeysFile lines from /etc/ssh/sshd_config" + echo " - Recommendation: remove the above AuthorizedKeysFile lines from $sshd_config" fi } -- cgit v1.2.3 From 8cf936aa9d62f6e8655904375a2d8217f559947a Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 15 Aug 2008 13:02:05 -0700 Subject: more work on hostname add/revoke --- src/common | 13 ++++---- src/monkeysphere-server | 89 +++++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 82 insertions(+), 20 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/src/common b/src/common index 17955a7..34c86cb 100644 --- a/src/common +++ b/src/common @@ -69,11 +69,12 @@ file_hash() { md5sum "$1" 2> /dev/null } -# convert escaped characters from gpg output back into original -# character -# FIXME: undo all escape character translation in with-colons gpg output -unescape() { - echo "$1" | sed 's/\\x3a/:/g' +# convert escaped characters in pipeline from gpg output back into +# original character +# FIXME: undo all escape character translation in with-colons gpg +# output +gpg_unescape() { + sed 's/\\x3a/:/g' } # remove all lines with specified string from specified file @@ -398,7 +399,7 @@ process_user_id() { continue fi # if the user ID does not match, skip - if [ "$(unescape "$uidfpr")" != "$userID" ] ; then + if [ "$(echo "$uidfpr" | gpg_unescape)" != "$userID" ] ; then continue fi # if the user ID validity is not ok, skip diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 023ce9b..31bce7d 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -100,17 +100,19 @@ gpg_authentication() { su_monkeysphere_user "gpg $@" } -# output key information -show_server_key() { - gpg_host --list-secret-keys --fingerprint -} - # output just key fingerprint fingerprint_server_key() { gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode | \ grep '^fpr:' | head -1 | cut -d: -f10 } +# output key information +show_server_key() { + local fingerprint + fingerprint=$(fingerprint_server_key) + gpg_host --fingerprint --list-secret-key "$fingerprint" +} + # update authorized_keys for users update_users() { if [ "$1" ] ; then @@ -371,52 +373,111 @@ EOF # add hostname user ID to server key add_hostname() { + local userID + local fingerprint + local adduidCommand + if [ -z "$1" ] ; then failure "You must specify a hostname to add." fi userID="ssh://${1}" - if [ "$(gpg_host --list-key "=${userID}")" ] ; then + if [ "$(gpg_host --list-key "=${userID}" 2> /dev/null)" ] ; then failure "Host userID '$userID' already exists." fi + echo "The following user ID will be added to the host key:" + echo " '$userID'" + read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "user ID not added." + fi + fingerprint=$(fingerprint_server_key) + # edit-key script command to add user ID adduidCommand=$(cat < /dev/null | \ + egrep "^(uid|uat):" | cut -d: -f10 | gpg_unescape | cat -n | \ + grep "$userID" | awk '{ print $1 }') + + if [ -z "$uidIndex" ] ; then + failure "User ID '$userID' not found in host key." + fi - echo "NOTE: host userID revokation has not been published." - echo "Use '$PGRM publish-key' to publish these changes." + echo "The following user ID will be revoked from the host key:" + echo " '$userID'" + read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "user ID not revoked." + fi + + # edit-key script command to revoke user ID + revuidCommand=$(cat < Date: Fri, 15 Aug 2008 15:27:11 -0700 Subject: More work on finishing add/revoke hostname functions. Improved list-certifiers function, to use non-priviledged user. --- debian/changelog | 3 +- src/monkeysphere | 12 ++--- src/monkeysphere-server | 120 +++++++++++++++++++++++++++++++++--------------- 3 files changed, 90 insertions(+), 45 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/debian/changelog b/debian/changelog index 64c2a09..af4d94b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -15,8 +15,9 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * enabled host key publication. * added checking of gpg.conf for keyserver * new functions to add/revoke host key user IDs + * improved list-certifiers function (now non-priviledged) - -- Jameson Graef Rollins Fri, 15 Aug 2008 15:02:48 -0700 + -- Jameson Graef Rollins Fri, 15 Aug 2008 15:57:14 -0700 monkeysphere (0.7-1) experimental; urgency=low diff --git a/src/monkeysphere b/src/monkeysphere index 57597e2..f959a38 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -37,12 +37,12 @@ usage: $PGRM [options] [args] MonkeySphere client tool. subcommands: - update-known_hosts (k) [HOST]... update known_hosts file - update-authorized_keys (a) update authorized_keys file - gen-subkey (g) KEYID generate an 'a' capable subkey - -l|--length BITS key length in bits (2048) - -e|--expire EXPIRE date to expire - help (h,?) this help + update-known_hosts (k) [HOST]... update known_hosts file + update-authorized_keys (a) update authorized_keys file + gen-subkey (g) KEYID generate an 'a' capable subkey + --length (-l) BITS key length in bits (2048) + --expire (-e) EXPIRE date to expire + help (h,?) this help EOF } diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 69395a4..fcd3114 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -40,9 +40,9 @@ subcommands: update-users (u) [USER]... update user authorized_keys files gen-key (g) [NAME[:PORT]] generate gpg key for the server - -l|--length BITS key length in bits (2048) - -e|--expire EXPIRE date to expire - -r|--revoker FINGERPRINT add a revoker + --length (-l) BITS key length in bits (2048) + --expire (-e) EXPIRE date to expire + --revoker (-r) FINGERPRINT add a revoker add-hostname (n+) NAME[:PORT] add hostname user ID to server key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID show-key (s) output all server host key information @@ -51,15 +51,16 @@ subcommands: diagnostics (d) report on server monkeysphere status add-id-certifier (c+) KEYID import and tsign a certification key - -n|--domain DOMAIN limit ID certifications to DOMAIN - -t|--trust TRUST trust level of certifier (full) - -d|--depth DEPTH trust depth for certifier (1) + --domain (-n) DOMAIN limit ID certifications to DOMAIN + --trust (-t) TRUST trust level of certifier (full) + --depth (-d) DEPTH trust depth for certifier (1) remove-id-certifier (c-) KEYID remove a certification key list-id-certifiers (c) list certification keys gpg-authentication-cmd CMD gnupg-authentication command - -h|--help|help (h,?) this help + help (h,?) this help + EOF } @@ -102,7 +103,8 @@ gpg_authentication() { # output just key fingerprint fingerprint_server_key() { - gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode | \ + gpg_host --list-secret-keys --fingerprint \ + --with-colons --fixed-list-mode 2> /dev/null | \ grep '^fpr:' | head -1 | cut -d: -f10 } @@ -393,7 +395,7 @@ add_hostname() { # find the index of the requsted user ID # NOTE: this is based on circumstantial evidence that the order of # this output is the appropriate index - if line=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x${fingerprint}"\! \ + if line=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x${fingerprint}!" \ | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F "$tmpuidMatch") ; then failure "Host userID '$userID' already exists." fi @@ -402,7 +404,7 @@ add_hostname() { echo " $userID" read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then - failure "user ID not added." + failure "User ID not added." fi # edit-key script command to add user ID @@ -416,14 +418,15 @@ EOF ) # execute edit-key script - if echo "$adduidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}"\! ; then + if echo "$adduidCommand" | \ + gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then # update trust db gpg_host --check-trustdb show_server_key - echo "NOTE: User ID added but key not published." - echo "Run '$PGRM publish-key' to publish the key" + echo "NOTE: User ID added to key, but key not published." + echo "Run '$PGRM publish-key' to publish the new user ID." else failure "Problem adding user ID." fi @@ -453,18 +456,18 @@ revoke_hostname() { # find the index of the requsted user ID # NOTE: this is based on circumstantial evidence that the order of # this output is the appropriate index - if line=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x${fingerprint}"\! \ + if line=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x${fingerprint}!" \ | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F "$tmpuidMatch") ; then uidIndex=${line%%:*} else failure "No non-revoked user ID '$userID' is found." fi - echo "The following user ID will be revoked from the host key:" + echo "The following host key user ID will be revoked:" echo " $userID" read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then - failure "user ID not revoked." + failure "User ID not revoked." fi message="Hostname removed by monkeysphere-server $DATE" @@ -483,14 +486,15 @@ EOF ) # execute edit-key script - if echo "$revuidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}"\! ; then + if echo "$revuidCommand" | \ + gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then # update trust db gpg_host --check-trustdb show_server_key - echo "NOTE: User ID revoked but key not published." - echo "Run '$PGRM publish-key' to publish the key" + echo "NOTE: User ID revoked, but revokation not published." + echo "Run '$PGRM publish-key' to publish the revocation." else failure "Problem revoking user ID." fi @@ -507,7 +511,7 @@ publish_server_key() { fingerprint=$(fingerprint_server_key) # publish host key - gpg_authentication "--keyserver $KEYSERVER --send-keys $fingerprint" + gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'" } diagnostics() { @@ -593,6 +597,7 @@ diagnostics() { # have a way to do that after key generation?) # Ensure that the ssh_host_rsa_key file is present and non-empty: + echo echo "Checking host SSH key..." if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then echo "! The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty." @@ -607,7 +612,7 @@ diagnostics() { echo " - Recommendation: add a line to $sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" fi if badhostkeys=$(grep -i '^HostKey' "$sshd_config" | grep -q -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then - echo "! /etc/sshd_config refers to some non-monkeysphere host keys:" + echo "! $sshd_config refers to some non-monkeysphere host keys:" echo "$badhostkeys" echo " - Recommendation: remove the above HostKey lines from $sshd_config" fi @@ -623,6 +628,7 @@ diagnostics() { # FIXME: make sure that at least one identity certifier exists + echo echo "Checking for MonkeySphere-enabled public-key authentication for users ..." # Ensure that User ID authentication is enabled: if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" "$sshd_config"; then @@ -630,7 +636,7 @@ diagnostics() { echo " - Recommendation: add a line to $sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'" fi if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' "$sshd_config" | grep -q -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then - echo "! /etc/sshd_config refers to non-monkeysphere authorized_keys files:" + echo "! $sshd_config refers to non-monkeysphere authorized_keys files:" echo "$badauthorizedkeys" echo " - Recommendation: remove the above AuthorizedKeysFile lines from $sshd_config" fi @@ -692,30 +698,35 @@ add_certifier() { export keyID # get the key from the key server - gpg_authentication "--keyserver $KEYSERVER --recv-key '$keyID'" + gpg_authentication "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" # get the full fingerprint of a key ID - fingerprint=$(gpg_authentication "--list-key --with-colons --with-fingerprint $keyID" | \ + fingerprint=$(gpg_authentication "--list-key --with-colons --with-fingerprint 0x${keyID}!" | \ grep '^fpr:' | grep "$keyID" | cut -d: -f10) + if [ -z "$fingerprint" ] ; then + failure "Key '$keyID' not found." + fi + + echo echo "key found:" - gpg_authentication "--fingerprint $fingerprint" + gpg_authentication "--fingerprint 0x${fingerprint}!" - echo "Are you sure you want to add this key as a certifier of" - read -p "users on this system? (y/N) " OK; OK=${OK:-N} + echo "Are you sure you want to add the above key as a" + read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N} if [ "${OK/y/Y}" != 'Y' ] ; then - failure "aborting." + failure "Identity certifier not added." fi # export the key to the host keyring - gpg_authentication "--export $keyID" | gpg_host --import + gpg_authentication "--export 0x${fingerprint}!" | gpg_host --import if [ "$trust" == marginal ]; then trustval=1 elif [ "$trust" == full ]; then trustval=2 else - failure "trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)" + failure "Trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)." fi # ltsign command @@ -732,10 +743,17 @@ EOF ) # ltsign the key - echo "$ltsignCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}"\! + if echo "$ltsignCommand" | \ + gpg_host --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then - # update the trustdb for the authentication keyring - gpg_authentication "--check-trustdb" + # update the trustdb for the authentication keyring + gpg_authentication "--check-trustdb" + + echo + echo "Identity certifier added." + else + failure "Problem adding identify certifier." + fi } # delete a certifiers key from the host keyring @@ -748,16 +766,42 @@ remove_certifier() { failure "You must specify the key ID of a key to remove." fi - # delete the requested key (with prompting) - gpg_host --delete-key "$keyID" + if gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key 0x${keyID}!" ; then + read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "Identity certifier not removed." + fi + else + failure + fi + + # delete the requested key + if gpg_authentication "--delete-key --batch --yes 0x${keyID}!" ; then + # delete key from host keyring as well + gpg_host --delete-key --batch --yes "0x${keyID}!" + # update the trustdb for the authentication keyring + gpg_authentication "--check-trustdb" - # update the trustdb for the authentication keyring - gpg_authentication "--check-trustdb" + echo + echo "Identity certifier removed." + else + failure "Problem removing identity certifier." + fi } # list the host certifiers list_certifiers() { - gpg_host --list-keys + local keys + local key + + # find trusted keys in authentication keychain + keys=$(gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-keys --with-colons --fingerprint" | \ + grep ^pub: | cut -d: -f2,5 | egrep '^(u|f):' | cut -d: -f2) + + # output keys + for key in $keys ; do + gpg_authentication "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key --fingerprint $key" + done } # issue command to gpg-authentication keyring -- cgit v1.2.3 From 7c31f3eda8d4a5015ad0203ecbbcb5846ffe7802 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 16 Aug 2008 11:01:40 -0400 Subject: fixed typo in output. --- src/monkeysphere-server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index fcd3114..6754b23 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -493,7 +493,7 @@ EOF show_server_key - echo "NOTE: User ID revoked, but revokation not published." + echo "NOTE: User ID revoked, but revocation not published." echo "Run '$PGRM publish-key' to publish the revocation." else failure "Problem revoking user ID." -- cgit v1.2.3 From 1d0c202737a733f958ba0b5c8851f3a3d3de62ca Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 18 Aug 2008 09:41:10 -0700 Subject: add loud warning about bug in revoke-hostname --- src/monkeysphere-server | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 6754b23..bc8be05 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -446,6 +446,15 @@ revoke_hostname() { failure "You must specify a hostname to revoke." fi + echo "WARNING: There is a known bug in this function." + echo "This function has been known to occasionally revoke the wrong user ID." + echo "Please see the following bug report for more information:" + echo "http://monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/" + read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N} + if [ ${OK/y/Y} != 'Y' ] ; then + failure "aborting." + fi + userID="ssh://${1}" fingerprint=$(fingerprint_server_key) -- cgit v1.2.3 From d16c5795ebdfc369cc184448e3e57d850086f0a4 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 18 Aug 2008 10:57:48 -0700 Subject: fix bug i accidentally introduced in the diagnostic function --- src/monkeysphere-server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index bc8be05..ea94618 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -539,7 +539,7 @@ diagnostics() { # FIXME: what's the correct, cross-platform answer? sshd_config=/etc/ssh/sshd_config - seckey=$(fingerprint_server_key) + seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode) keysfound=$(echo "$seckey" | grep -c ^sec:) curdate=$(date +%s) # warn when anything is 2 months away from expiration -- cgit v1.2.3 From 38be21fd599fc114d05f64fdf8643f2a2ac9a18e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 18 Aug 2008 14:09:34 -0400 Subject: re-added fingerprint output during diagnostics. --- src/monkeysphere-server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/monkeysphere-server') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index ea94618..052e6de 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -539,7 +539,7 @@ diagnostics() { # FIXME: what's the correct, cross-platform answer? sshd_config=/etc/ssh/sshd_config - seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode) + seckey=$(gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode) keysfound=$(echo "$seckey" | grep -c ^sec:) curdate=$(date +%s) # warn when anything is 2 months away from expiration -- cgit v1.2.3 From d8ece7d101fb16c99dfcc1224cc48f2c9cd4024d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 18 Aug 2008 15:21:11 -0400 Subject: added 'monkeysphere-server extend-key' subcommand --- debian/changelog | 7 +++++- man/man8/monkeysphere-server.8 | 29 +++++++++++++++++------ src/common | 22 +++++++++++++++++ src/monkeysphere-server | 54 ++++++++++++++++++++++++++++-------------- 4 files changed, 86 insertions(+), 26 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/debian/changelog b/debian/changelog index 828973f..40172aa 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,14 @@ monkeysphere (0.9-1) experimental; urgency=low + [ Daniel Kahn Gillmor ] + * implemented "monkeysphere-server extend-key" to adjust expiration + dates. + + [ Jameson Graef Rollins ] * fixed bug in user id processing that prevented bad primary keys from being properly removed. - -- Jameson Graef Rollins Mon, 18 Aug 2008 10:13:36 -0700 + -- Daniel Kahn Gillmor Mon, 18 Aug 2008 14:59:56 -0400 monkeysphere (0.8-1) experimental; urgency=low diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 8e7278b..416cc87 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -36,13 +36,28 @@ specified, then all accounts on the system are processed. `u' may be used in place of `update-users'. .TP .B gen-key [HOSTNAME] -Generate a OpenPGP key pair for the host. If HOSTNAME is not -specified, then the system fully-qualified domain name will be user. -An alternate key bit length can be specified with the `-l' or -`--length' option (default 2048). An expiration length can be -specified with the `-e' or `--expire' option (prompt otherwise). A -key revoker fingerprint can be specified with the `-r' or `--revoker' -option. `g' may be used in place of `gen-key'. +Generate a OpenPGP key for the host. If HOSTNAME is not specified, +then the system fully-qualified domain name will be user. An +alternate key bit length can be specified with the `-l' or `--length' +option (default 2048). An expiration length can be specified with the +`-e' or `--expire' option (prompt otherwise). The expiration format +is the same as that of \fBextend-key\fP, below. A key revoker +fingerprint can be specified with the `-r' or `--revoker' option. `g' +may be used in place of `gen-key'. +.TP +.B extend-key EXPIRE +Extend the validity of the OpenPGP key for the host until EXPIRE from +the present. If EXPIRE is not specified, then the user will be +prompted for the extension term. Expiration is specified like GnuPG +does: +.nf + 0 = key does not expire + = key expires in n days + w = key expires in n weeks + m = key expires in n months + y = key expires in n years +.fi +`e' may be used in place of `extend-key'. .TP .B add-hostname HOSTNAME Add a hostname user ID to the server host key. `n+' may be used in diff --git a/src/common b/src/common index 9a03b9c..54ea9cb 100644 --- a/src/common +++ b/src/common @@ -83,6 +83,28 @@ gpg_escape() { sed 's/:/\\x3a/g' } +# prompt for GPG-formatted expiration, and emit result on stdout +get_gpg_expiration() { + local keyExpire= + + cat >&2 < = key expires in n days + w = key expires in n weeks + m = key expires in n months + y = key expires in n years +EOF + while [ -z "$keyExpire" ] ; do + read -p "Key is valid for? (0) " keyExpire + if ! test_gpg_expire ${keyExpire:=0} ; then + echo "invalid value" >&2 + unset keyExpire + fi + done + echo "$keyExpire" +} + # remove all lines with specified string from specified file remove_line() { local file diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 052e6de..91e2121 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -4,6 +4,7 @@ # # The monkeysphere scripts are written by: # Jameson Rollins +# Daniel Kahn Gillmor # # They are Copyright 2008, and are all released under the GPL, version 3 # or later. @@ -43,6 +44,7 @@ subcommands: --length (-l) BITS key length in bits (2048) --expire (-e) EXPIRE date to expire --revoker (-r) FINGERPRINT add a revoker + extend-key (e) EXPIRE extend expiration to EXPIRE add-hostname (n+) NAME[:PORT] add hostname user ID to server key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID show-key (s) output all server host key information @@ -296,22 +298,9 @@ gen_key() { # prompt about key expiration if not specified if [ -z "$keyExpire" ] ; then - cat < = key expires in n days - w = key expires in n weeks - m = key expires in n months - y = key expires in n years -EOF - while [ -z "$keyExpire" ] ; do - read -p "Key is valid for? (0) " keyExpire - if ! test_gpg_expire ${keyExpire:=0} ; then - echo "invalid value" - unset keyExpire - fi - done - elif ! test_gpg_expire "$keyExpire" ; then + keyExpire=$(get_gpg_expiration) + fi + if ! test_gpg_expire "$keyExpire" ; then failure "invalid key expiration value '$keyExpire'." fi @@ -373,6 +362,31 @@ EOF log "Private SSH host key output to file: ${VARLIB}/ssh_host_rsa_key" } +# extend the lifetime of a host key: +extend_key() { + local fpr=$(fingerprint_server_key) + local extendTo="$1" + + if [ -z "$fpr" ] ; then + failure "You don't appear to have a MonkeySphere host key on this server. Try 'monkeysphere-server gen-key' first." + fi + + if [ -z "$extendTo" ]; then + extendTo=$(get_gpg_expiration) + fi + if ! test_gpg_expire "$extendTo" ; then + failure "invalid expiration value '$extendTo'." + fi + + gpg_host --quiet --command-fd 0 --edit-key "$fpr" < Date: Mon, 18 Aug 2008 15:41:12 -0400 Subject: collapsed "show-fingerprint" with "show-key" for monkeysphere-server. --- man/man8/monkeysphere-server.8 | 4 ---- src/monkeysphere-server | 19 +++++++++++++------ 2 files changed, 13 insertions(+), 10 deletions(-) (limited to 'src/monkeysphere-server') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 416cc87..5985f24 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -71,10 +71,6 @@ in place of `revoke-hostname'. Output gpg information about host's OpenPGP key. `s' may be used in place of `show-key'. .TP -.B fingerprint -Output just the fingerprint for the host's OpenPGP key. `f' may be -used in place of `fingerprint'. -.TP .B publish-key Publish the host's OpenPGP key to the keyserver. `p' may be used in place of `publish-key'. diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 91e2121..99e5f80 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -48,7 +48,6 @@ subcommands: add-hostname (n+) NAME[:PORT] add hostname user ID to server key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID show-key (s) output all server host key information - fingerprint (f) output just the key fingerprint publish-key (p) publish server host key to keyserver diagnostics (d) report on server monkeysphere status @@ -113,8 +112,20 @@ fingerprint_server_key() { # output key information show_server_key() { local fingerprint + local tmpkey + fingerprint=$(fingerprint_server_key) - gpg_host --fingerprint --list-secret-key "$fingerprint" + gpg_authentication "--fingerprint --list-key $fingerprint" + + # dumping to a file named ' ' so that the ssh-keygen output + # doesn't claim any potentially bogus hostname(s): + tmpkey=$(mktemp -d) + gpg_authentication "--export $fingerprint" | openpgp2ssh "$fingerprint" 2>/dev/null > "$tmpkey/ " + echo -n "ssh fingerprint: " + (cd "$tmpkey" && ssh-keygen -l -f ' ') + rm -rf "$tmpkey" + echo -n "OpenPGP fingerprint: " + echo "$fingerprint" } # update authorized_keys for users @@ -899,10 +910,6 @@ case $COMMAND in show_server_key ;; - 'show-fingerprint'|'fingerprint'|'f') - fingerprint_server_key - ;; - 'publish-key'|'publish'|'p') publish_server_key ;; -- cgit v1.2.3