From 62374dd1c16a2719202955ad3fe878be5cc14dba Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Wed, 18 Feb 2009 20:56:14 -0500 Subject: new msmktempdir function, to simplify making temporary directories. remove MHTMPDIR, since it's not needed. --- src/share/m/gen_subkey | 2 +- src/share/m/import_subkey | 2 +- src/share/m/subkey_to_ssh_agent | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src/share/m') diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index cbefaa3..19d384d 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -114,7 +114,7 @@ EOF ) log verbose "generating subkey..." - fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + fifoDir=$(msmktempdir) (umask 077 && mkfifo "$fifoDir/pass") echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index aa89958..8b04456 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -42,7 +42,7 @@ Type '$PGRM help' for usage." done log verbose "importing ssh key..." - fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + fifoDir=$(msmktempdir) (umask 077 && mkfifo "$fifoDir/pass") ssh2openpgp | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index 012c95f..a92718e 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -64,7 +64,7 @@ You might want to run 'gpg --gen-key'." You might want to 'monkeysphere gen-subkey'" fi - workingdir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + workingdir=$(msmktempdir) umask 077 mkfifo "$workingdir/passphrase" keysuccess=1 -- cgit v1.2.3 From d09b0814096b1660c3a300e939091a58622a57a6 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Wed, 18 Feb 2009 22:37:12 -0500 Subject: Cleanup how variables are specified and loaded: - define more common variables in share/common - cleanup how defaults are specified - fix how CHECK_KEYSERVER was determined in monkeysphere Fix calls to update_known_hosts and update_authorized_keys in monkeysphere so that some of the checks are done within the functions themselves, as opposed in the monkeysphere wrapper, so that other functions can call them easier. Fix ssh-proxycommand that had some left over cruft from the transition. --- src/monkeysphere | 80 ++++++++++++++--------------------------- src/monkeysphere-authentication | 35 ++++++++---------- src/monkeysphere-host | 29 +++++++-------- src/share/common | 44 +++++++++++++++++++++++ src/share/m/ssh_proxycommand | 26 +++++++------- 5 files changed, 112 insertions(+), 102 deletions(-) (limited to 'src/share/m') diff --git a/src/monkeysphere b/src/monkeysphere index da5f406..a626a8e 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -63,41 +63,38 @@ EOF # MAIN ######################################################################## -# unset variables that should be defined only in config file -unset KEYSERVER -unset CHECK_KEYSERVER -unset KNOWN_HOSTS -unset HASH_KNOWN_HOSTS -unset AUTHORIZED_KEYS +# set unset default variables +GNUPGHOME=${GNUPGHOME:="${HOME}/.gnupg"} +KNOWN_HOSTS="${HOME}/.ssh/known_hosts" +HASH_KNOWN_HOSTS="true" +AUTHORIZED_KEYS="${HOME}/.ssh/authorized_keys" # load global config -[ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] && . "${SYSCONFIGDIR}/monkeysphere.conf" +[ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] \ + && . "${SYSCONFIGDIR}/monkeysphere.conf" # set monkeysphere home directory MONKEYSPHERE_HOME=${MONKEYSPHERE_HOME:="${HOME}/.monkeysphere"} mkdir -p -m 0700 "$MONKEYSPHERE_HOME" # load local config -[ -e ${MONKEYSPHERE_CONFIG:="${MONKEYSPHERE_HOME}/monkeysphere.conf"} ] && . "$MONKEYSPHERE_CONFIG" - -# set empty config variables with ones from the environment, or from -# config file, or with defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -GNUPGHOME=${MONKEYSPHERE_GNUPGHOME:=${GNUPGHOME:="${HOME}/.gnupg"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:="$KEYSERVER"} -# if keyserver not specified in env or monkeysphere.conf, -# look in gpg.conf +[ -e ${MONKEYSPHERE_CONFIG:="${MONKEYSPHERE_HOME}/monkeysphere.conf"} ] \ + && . "$MONKEYSPHERE_CONFIG" + +# set empty config variables with ones from the environment +GNUPGHOME=${MONKEYSPHERE_GNUPGHOME:=$GNUPGHOME} +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +# if keyserver not specified in env or conf, then look in gpg.conf if [ -z "$KEYSERVER" ] ; then if [ -f "${GNUPGHOME}/gpg.conf" ] ; then KEYSERVER=$(grep -e "^[[:space:]]*keyserver " "${GNUPGHOME}/gpg.conf" | tail -1 | awk '{ print $2 }') fi fi -# if it's still not specified, use the default -KEYSERVER=${KEYSERVER:="subkeys.pgp.net"} -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}} -KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=${KNOWN_HOSTS:="${HOME}/.ssh/known_hosts"}} -HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=${HASH_KNOWN_HOSTS:="true"}} -AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=${AUTHORIZED_KEYS:="${HOME}/.ssh/authorized_keys"}} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} +KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS} +HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS} +AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS} # other variables not in config file AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"} @@ -117,49 +114,26 @@ shift case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') - MODE='known_hosts' + # whether or not to check keyservers + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} - # touch the known_hosts file so that the file permission check - # below won't fail upon not finding the file - (umask 0022 && touch "$KNOWN_HOSTS") - - # check permissions on the known_hosts file path - check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure - - # if hosts are specified on the command line, process just - # those hosts + # if hosts are specified on the command line, process just + # those hosts if [ "$1" ] ; then update_known_hosts "$@" RETURN="$?" - # otherwise, if no hosts are specified, process every host - # in the user's known_hosts file + # otherwise, if no hosts are specified, process every host + # in the user's known_hosts file else - # exit if the known_hosts file does not exist - if [ ! -e "$KNOWN_HOSTS" ] ; then - log error "known_hosts file '$KNOWN_HOSTS' does not exist." - exit - fi - process_known_hosts RETURN="$?" fi ;; 'update-authorized_keys'|'update-authorized-keys'|'a') - MODE='authorized_keys' - - # check permissions on the authorized_user_ids file path - check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" || failure - - # check permissions on the authorized_keys file path - check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure - - # exit if the authorized_user_ids file is empty - if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then - log error "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." - exit - fi + # whether or not to check keyservers + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} # process authorized_user_ids file process_authorized_user_ids "$AUTHORIZED_USER_IDS" diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index 1def4cd..0e60cc4 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -85,7 +85,7 @@ gpg_sphere() { GNUPGHOME="$GNUPGHOME_SPHERE" export GNUPGHOME - su_monkeysphere_user "gpg --no-greeting --quiet --no-tty $@" + su_monkeysphere_user "gpg --no-greeting --no-tty $@" } # output to stdout the core fingerprint from the gpg core secret @@ -108,29 +108,24 @@ gpg_core_sphere_sig_transfer() { # MAIN ######################################################################## -# unset variables that should be defined only in config file of in -# MONKEYSPHERE_ variables -unset LOG_LEVEL -unset KEYSERVER -unset AUTHORIZED_USER_IDS -unset RAW_AUTHORIZED_KEYS -unset MONKEYSPHERE_USER -unset PROMPT +# set unset default variables +AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids" +RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys" # load configuration file -[ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG" - -# set empty config variable with ones from the environment, or with -# defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}} -AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}} -RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}} -MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}} -PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}} +[ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] \ + && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG" + +# set empty config variable with ones from the environment +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} +MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} +AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=$AUTHORIZED_USER_IDS} +RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=$RAW_AUTHORIZED_KEYS} # other variables -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"} REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"} GNUPGHOME_CORE=${MONKEYSPHERE_GNUPGHOME_CORE:="${MADATADIR}/core"} GNUPGHOME_SPHERE=${MONKEYSPHERE_GNUPGHOME_SPHERE:="${MADATADIR}/sphere"} diff --git a/src/monkeysphere-host b/src/monkeysphere-host index a86a8c9..152b469 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -204,38 +204,31 @@ show_key() { # MAIN ######################################################################## -# unset variables that should be defined only in config file or in -# MONKEYSPHERE_ variables -unset LOG_LEVEL -unset KEYSERVER -unset MONKEYSPHERE_USER -unset PROMPT - # load configuration file -[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG" +[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] \ + && . "$MONKEYSPHERE_HOST_CONFIG" # set empty config variable with ones from the environment, or with # defaults -LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}} -KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}} -MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}} -PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}} +LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL} +KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER} +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} +MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=$MONKEYSPHERE_USER} +PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT} # other variables -CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"} GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"} # export variables needed in su invocation export DATE -export MODE export LOG_LEVEL export KEYSERVER +export CHECK_KEYSERVER export MONKEYSPHERE_USER export PROMPT -export CHECK_KEYSERVER export GNUPGHOME_HOST export GNUPGHOME -export HOST_FINGERPRINT= +export HOST_FINGERPRINT # get subcommand COMMAND="$1" @@ -302,6 +295,10 @@ case $COMMAND in diagnostics ;; + 'update-gpg-pub-file') + update_gpg_pub_file + ;; + 'version'|'v') echo "$VERSION" ;; diff --git a/src/share/common b/src/share/common index 6b7d51b..96fea77 100644 --- a/src/share/common +++ b/src/share/common @@ -23,6 +23,21 @@ export SYSCONFIGDIR # monkeysphere version VERSION=__VERSION__ +# default log level +LOG_LEVEL="INFO" + +# default keyserver +KEYSERVER="pool.sks-keyservers.net" + +# whether or not to check keyservers by defaul +CHECK_KEYSERVER="true" + +# default monkeysphere user +MONKEYSPHERE_USER="monkeysphere" + +# default about whether or not to prompt +PROMPT="true" + ######################################################################## ### UTILITY FUNCTIONS @@ -800,6 +815,9 @@ process_host_known_hosts() { local sshKey local tmpfile + # set the key processing mode + export MODE='known_hosts' + host="$1" userID="ssh://${host}" @@ -879,6 +897,13 @@ update_known_hosts() { nHostsOK=0 nHostsBAD=0 + # touch the known_hosts file so that the file permission check + # below won't fail upon not finding the file + (umask 0022 && touch "$KNOWN_HOSTS") + + # check permissions on the known_hosts file path + check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure + # create a lockfile on known_hosts: lock create "$KNOWN_HOSTS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? @@ -933,6 +958,11 @@ update_known_hosts() { process_known_hosts() { local hosts + # exit if the known_hosts file does not exist + if [ ! -e "$KNOWN_HOSTS" ] ; then + failure "known_hosts file '$KNOWN_HOSTS' does not exist." + fi + log debug "processing known_hosts file..." hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ') @@ -956,6 +986,9 @@ process_uid_authorized_keys() { local ok local sshKey + # set the key processing mode + export MODE='authorized_keys' + userID="$1" log verbose "processing: $userID" @@ -1017,6 +1050,9 @@ update_authorized_keys() { nIDsOK=0 nIDsBAD=0 + # check permissions on the authorized_keys file path + check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure + # create a lockfile on authorized_keys lock create "$AUTHORIZED_KEYS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? @@ -1082,6 +1118,14 @@ process_authorized_user_ids() { authorizedUserIDs="$1" + # exit if the authorized_user_ids file is empty + if [ ! -e "$authorizedUserIDs" ] ; then + failure "authorized_user_ids file '$authorizedUserIDs' does not exist." + fi + + # check permissions on the authorized_user_ids file path + check_key_file_permissions "$USER" "$authorizedUserIDs" || failure + log debug "processing authorized_user_ids file..." if ! meat "$authorizedUserIDs" > /dev/null ; then diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index cd0a1fb..29040d8 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -15,8 +15,6 @@ # established. Can be added to ~/.ssh/config as follows: # ProxyCommand monkeysphere ssh-proxycommand %h %p -ssh_proxycommand() { - # "marginal case" ouput in the case that there is not a full # validation path to the host output_no_valid_key() { @@ -136,10 +134,9 @@ EOF EOF } -######################################################################## -# export the monkeysphere log level -export MONKEYSPHERE_LOG_LEVEL +# the ssh proxycommand function itself +ssh_proxycommand() { if [ "$1" = '--no-connect' ] ; then NO_CONNECT='true' @@ -170,12 +167,13 @@ URI="ssh://${HOSTP}" # intentionally different than that of running monkeyesphere normally, # and keyserver checking is intentionally done under certain # circumstances. This can be overridden by setting the -# MONKEYSPHERE_CHECK_KEYSERVER environment variable. +# MONKEYSPHERE_CHECK_KEYSERVER environment variable, or by setting the +# CHECK_KEYSERVER variable in the monkeysphere.conf file. # if the host is in the gpg keyring... if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then # do not check the keyserver - CHECK_KEYSERVER="false" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} # if the host is NOT in the keyring... else @@ -188,20 +186,22 @@ else # FIXME: more nuanced checking should be done here to properly # take into consideration hosts that join monkeysphere by # converting an existing and known ssh key - CHECK_KEYSERVER="false" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} # if the host key is not found in the known_hosts file... else # check the keyserver - CHECK_KEYSERVER="true" + CHECK_KEYSERVER=${CHECK_KEYSERVER:="true"} fi fi -# set and export the variable for use by monkeysphere -MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"} -export MONKEYSPHERE_CHECK_KEYSERVER + +# finally look in the MONKEYSPHERE_ environment variable for a +# CHECK_KEYSERVER setting to override all else +CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} # update the known_hosts file for the host -monkeysphere update-known_hosts "$HOSTP" +source "${MSHAREDIR}/update_known_hosts" +update_known_hosts "$HOSTP" # output on depending on the return of the update-known_hosts # subcommand, which is (ultimately) the return code of the -- cgit v1.2.3 From 4465c13b93d3d4bc1cb59c5506775b4fc0274058 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 01:20:33 -0500 Subject: tweak some of the prompting, to change defaults, and add PROMPT usage where missing --- src/share/m/gen_subkey | 12 ++++++++---- src/share/ma/add_certifier | 2 +- src/share/ma/remove_certifier | 2 +- src/share/mh/add_hostname | 4 ++-- src/share/mh/add_revoker | 2 +- src/share/mh/publish_key | 4 ++-- src/share/mh/revoke_hostname | 4 ++-- src/share/mh/set_expire | 2 +- 8 files changed, 18 insertions(+), 14 deletions(-) (limited to 'src/share/m') diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index 19d384d..d926ad5 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -86,12 +86,16 @@ Type '$PGRM help' for usage." fi # if authentication key is valid, prompt to continue if [ "$validity" = 'u' ] ; then - echo "A valid authentication key already exists for primary key '$keyID'." - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then + log error "A valid authentication key already exists for primary key '$keyID'." + if [ "$PROMPT" = "true" ] ; then + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + else failure "aborting." fi - break fi done diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index b917a74..9865e5c 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -111,7 +111,7 @@ gpg_sphere "--fingerprint 0x${fingerprint}!" if [ "$PROMPT" = "true" ] ; then echo "Are you sure you want to add the above key as a" - read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N} + read -p "certifier of users on this system? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not added." fi diff --git a/src/share/ma/remove_certifier b/src/share/ma/remove_certifier index 10aa67b..95f6dff 100644 --- a/src/share/ma/remove_certifier +++ b/src/share/ma/remove_certifier @@ -27,7 +27,7 @@ fi gpg_core --list-key --fingerprint "0x${keyID}!" || failure if [ "$PROMPT" = "true" ] ; then - read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N} + read -p "Really remove above listed identity certifier? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not removed." fi diff --git a/src/share/mh/add_hostname b/src/share/mh/add_hostname index 70bbec3..0da6a06 100644 --- a/src/share/mh/add_hostname +++ b/src/share/mh/add_hostname @@ -34,8 +34,8 @@ find_host_userid > /dev/null && \ if [ "$PROMPT" = "true" ] ; then echo "The following user ID will be added to the host key:" echo " $userID" - read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Are you sure you would like to add this user ID? (Y/n) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "User ID not added." fi else diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index bdcb749..21dc0bb 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -79,7 +79,7 @@ gpg_host --fingerprint "0x${fingerprint}!" if [ "$PROMPT" = "true" ] ; then echo "Are you sure you want to add the above key as a" - read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N} + read -p "revoker of the host key? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "revoker not added." fi diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key index 37b8a72..05faa0b 100644 --- a/src/share/mh/publish_key +++ b/src/share/mh/publish_key @@ -18,8 +18,8 @@ publish_key() { local GNUPGHOME if [ "$PROMPT" = "true" ] ; then - read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Really publish host key to $KEYSERVER? (Y/n) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "key not published." fi else diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname index 77f1f0d..92383a0 100644 --- a/src/share/mh/revoke_hostname +++ b/src/share/mh/revoke_hostname @@ -45,8 +45,8 @@ uidIndex=$(find_host_userid) || \ if [ "$PROMPT" = "true" ] ; then echo "The following host key user ID will be revoked:" echo " $userID" - read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N} - if [ ${OK/y/Y} != 'Y' ] ; then + read -p "Are you sure you would like to revoke this user ID? (N/y) " OK; OK=${OK:=Y} + if [ "${OK/y/Y}" != 'Y' ] ; then failure "User ID not revoked." fi else diff --git a/src/share/mh/set_expire b/src/share/mh/set_expire index ae7c13a..63e5c55 100644 --- a/src/share/mh/set_expire +++ b/src/share/mh/set_expire @@ -22,7 +22,7 @@ local extendTo extendTo=$(get_gpg_expiration "$1") if [ "$PROMPT" = "true" ] ; then - read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (y/N) " OK; OK=${OK:-N} + read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (Y/n) " OK; OK=${OK:-Y} if [ "${OK/y/Y}" != 'Y' ] ; then failure "expiration not set." fi -- cgit v1.2.3 From 46f3e179ad569e247b85d86933ef1782fd1379f6 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 03:49:23 -0500 Subject: fix CHECK_KEYSERVER variable in monkeysphere, so the default is correct for proxycommand, and fix an errant bad line in proxycommand. --- src/monkeysphere | 8 ++++++-- src/share/m/ssh_proxycommand | 1 - 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'src/share/m') diff --git a/src/monkeysphere b/src/monkeysphere index a626a8e..992ca06 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -69,6 +69,10 @@ KNOWN_HOSTS="${HOME}/.ssh/known_hosts" HASH_KNOWN_HOSTS="true" AUTHORIZED_KEYS="${HOME}/.ssh/authorized_keys" +# unset the check keyserver variable, since that needs to have +# different defaults for the different functions +unset CHECK_KEYSERVER + # load global config [ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] \ && . "${SYSCONFIGDIR}/monkeysphere.conf" @@ -115,7 +119,7 @@ shift case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') # whether or not to check keyservers - CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}} # if hosts are specified on the command line, process just # those hosts @@ -133,7 +137,7 @@ case $COMMAND in 'update-authorized_keys'|'update-authorized-keys'|'a') # whether or not to check keyservers - CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} + CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}} # process authorized_user_ids file process_authorized_user_ids "$AUTHORIZED_USER_IDS" diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index 29040d8..d7e801e 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -200,7 +200,6 @@ fi CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=$CHECK_KEYSERVER} # update the known_hosts file for the host -source "${MSHAREDIR}/update_known_hosts" update_known_hosts "$HOSTP" # output on depending on the return of the update-known_hosts -- cgit v1.2.3 From 85c1f65ccd66be7f7ca939729f84bfab0603fdab Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Feb 2009 04:30:47 -0500 Subject: added msmktempfile; got rid of /dev/stdin assumption in ssh_proxycommand for portability --- src/share/common | 9 +++++++-- src/share/m/ssh_proxycommand | 8 ++++---- 2 files changed, 11 insertions(+), 6 deletions(-) (limited to 'src/share/m') diff --git a/src/share/common b/src/share/common index 1c16ac6..bfe73a3 100644 --- a/src/share/common +++ b/src/share/common @@ -149,9 +149,14 @@ cutline() { head --line="$1" "$2" | tail -1 } -# make a temporary directly +# make a temporary directory msmktempdir() { - mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX + mktemp -d ${TMPDIR:-/tmp}/monkeysphere.XXXXXXXXXX +} + +# make a temporary file +msmktempfile() { + mktemp ${TMPDIR:-/tmp}/monkeysphere.XXXXXXXXXX } # this is a wrapper for doing lock functions. diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index d7e801e..e07b637 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -64,11 +64,11 @@ An OpenPGP key matching the ssh key offered by the host was found: EOF - # do some crazy "Here Strings" redirection to get the key to - # ssh-keygen, since it doesn't read from stdin cleanly - sshFingerprint=$(ssh-keygen -l -f /dev/stdin \ - <<<$(echo "$sshKeyGPG") | \ + sshKeyGPGFile=$(msmktempfile) + printf "%s" "$sshKeyGPG" >"$sshKeyGPGFile" + sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" \ awk '{ print $2 }') + rm -f "$sshKeyGPGFile" # get the sigs for the matching key gpgSigOut=$(gpg --check-sigs \ -- cgit v1.2.3 From bd64869a3b68ff8a020c381371a8ab1e24a5a0e4 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 15:19:02 -0500 Subject: The monkeysphere {import,gen}_subkey functions were not up-to-date. did a lot of work to bring them up-to-date, and better handle argument checking. also updated man page, changelog, and tests/basic. --- man/man1/monkeysphere.1 | 41 ++++++++++++++--------- packaging/debian/changelog | 6 ++-- src/monkeysphere | 82 ++++++++++++++++++++++++++++++++++++++++++--- src/share/m/gen_subkey | 83 ++++++++-------------------------------------- src/share/m/import_subkey | 62 ++++++++++++++++++---------------- src/share/mh/import_key | 9 +++-- tests/basic | 2 +- 7 files changed, 161 insertions(+), 124 deletions(-) (limited to 'src/share/m') diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 3ed43e1..345e1d8 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -56,24 +56,32 @@ ID, 1 if no matching keys were found at all, and 2 if matching keys were found but none were acceptable. `a' may be used in place of `update-authorized_keys'. .TP +.B import-subkey FILE [KEYID] +Import an existing ssh RSA key as an authentication subkey for a +private key in your GnuPG keyring. KEYID is the key ID for the +primary key for which the subkey with "authentication" capability will +be imported. If no key ID is specified, but only one key exists in +the secret keyring, that key will be used. `i' may be used in place +of `import-subkey'. +.TP .B gen-subkey [KEYID] Generate an authentication subkey for a private key in your GnuPG -keyring. For the primary key with the specified key ID, generate a -subkey with "authentication" capability that can be used for -monkeysphere transactions. An expiration length can be specified with -the `-e' or `--expire' option (prompt otherwise). If no key ID is +keyring. KEYID is the key ID for the primary key for which the subkey +with "authentication" capability will be generated. If no key ID is specified, but only one key exists in the secret keyring, that key -will be used. `g' may be used in place of `gen-subkey'. +will be used. The length of the generated key can be specified with +the `--length` or `-l` option. `g' may be used in place of +`gen-subkey'. .TP .B ssh-proxycommand -an ssh proxy command that can be used -to trigger a monkeysphere update of the ssh known_hosts file for a -host that is being connected to with ssh. This works by updating the -known_hosts file for the host first, before an attempted connection to -the host is made. Once the known_hosts file has been updated, a TCP -connection to the host is made by exec'ing netcat(1). Regular ssh -communication is then done over this netcat TCP connection (see -ProxyCommand in ssh_config(5) for more info). +An ssh ProxyCommand that can be used to trigger a monkeysphere update +of the ssh known_hosts file for a host that is being connected to with +ssh. This works by updating the known_hosts file for the host first, +before an attempted connection to the host is made. Once the +known_hosts file has been updated, a TCP connection to the host is +made by exec'ing netcat(1). Regular ssh communication is then done +over this netcat TCP connection (see ProxyCommand in ssh_config(5) for +more info). This command is meant to be run as the ssh "ProxyCommand". This can either be done by specifying the proxy command on the command line: @@ -108,9 +116,10 @@ change in the future, possibly by adding a deferred check, so that hosts that go from non-monkeysphere-enabled to monkeysphere-enabled will be properly checked. -Setting the MONKEYSPHERE_CHECK_KEYSERVER -variable (to `true' or `false') will override the keyserver-checking policy -defined above. +Setting the CHECK_KEYSERVER variable in the config file or the +MONKEYSPHERE_CHECK_KEYSERVER environment variable to either `true' or +`false' will override the keyserver-checking policy defined above and +either always or never check the keyserver for host key updates. .TP .B subkey-to-ssh-agent [ssh-add arguments] diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 6a9ea18..fc317d9 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -16,12 +16,12 @@ monkeysphere (0.23~pre-1) UNRELEASED; urgency=low functions that require it to be there. * get rid of getopts dependency * added version output option - * check that existing authentication keys are valid in gen_key - function. + * better checks on validity of existing authentication subkeys when + doing monkeysphere {import,gen}_subkey. * add transition infrastructure for major changes between releases (see transitions/README.txt) - -- Daniel Kahn Gillmor Thu, 19 Feb 2009 02:14:44 -0500 + -- Jameson Graef Rollins Thu, 19 Feb 2009 15:11:04 -0500 monkeysphere (0.22-1) unstable; urgency=low diff --git a/src/monkeysphere b/src/monkeysphere index 992ca06..4169f2a 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -45,12 +45,9 @@ Monkeysphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file update-authorized_keys (a) update authorized_keys file - import-subkey (i) import existing ssh key as gpg subkey - --keyfile (-f) FILE key file to import - --expire (-e) EXPIRE date to expire + import-subkey (i) FILE [KEYID] import existing ssh key as gpg subkey gen-subkey (g) [KEYID] generate an authentication subkey --length (-l) BITS key length in bits (2048) - --expire (-e) EXPIRE date to expire ssh-proxycommand monkeysphere ssh ProxyCommand subkey-to-ssh-agent (s) store authentication subkey in ssh-agent version (v) show version number @@ -59,6 +56,83 @@ subcommands: EOF } +# take a secret key ID and check that only zero or one ID is provided, +# and that it corresponds to only a single secret key ID +check_gpg_sec_key_id() { + local gpgSecOut + + case "$#" in + 0) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + ;; + 1) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure + ;; + *) + failure "You must specify only a single primary key ID." + ;; + esac + + # check that only a single secret key was found + case $(echo "$gpgSecOut" | grep -c '^sec:') in + 0) + failure "No secret keys found. Create an OpenPGP key with the following command: + gpg --gen-key" + ;; + 1) + echo "$gpgSecOut" | cut -d: -f5 + ;; + *) + echo "Multiple primary secret keys found:" | log error + echo "$gpgSecOut" | cut -d: -f5 | log error + echo "Please specify which primary key to use." | log error + failure + ;; + esac +} + +# check that a valid authentication subkey does not already exist +check_gpg_authentication_subkey() { + local keyID + local IFS + local line + local type + local validity + local usage + + keyID="$1" + + # check that a valid authentication key does not already exist + IFS=$'\n' + for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + type=$(echo "$line" | cut -d: -f1) + validity=$(echo "$line" | cut -d: -f2) + usage=$(echo "$line" | cut -d: -f12) + + # look at keys only + if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then + continue + fi + # check for authentication capability + if ! check_capability "$usage" 'a' ; then + continue + fi + # if authentication key is valid, prompt to continue + if [ "$validity" = 'u' ] ; then + log error "A valid authentication key already exists for primary key '$keyID'." + if [ "$PROMPT" = "true" ] ; then + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + else + failure "aborting." + fi + fi + done +} + ######################################################################## # MAIN ######################################################################## diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index d926ad5..7c3ebb7 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -15,10 +15,10 @@ gen_subkey(){ local keyLength - local keyExpire + local gpgSecOut local keyID - local gpgOut - local userID + local editCommands + local fifoDir # get options while true ; do @@ -27,10 +27,6 @@ gen_subkey(){ keyLength="$2" shift 2 ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; *) if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then failure "Unknown option '$1'. @@ -41,67 +37,11 @@ Type '$PGRM help' for usage." esac done - case "$#" in - 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') - ;; - 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure - ;; - *) - failure "You must specify only a single primary key ID." - ;; - esac - - # check that only a single secret key was found - case $(echo "$gpgSecOut" | grep -c '^sec:') in - 0) - failure "No secret keys found. Create an OpenPGP key with the following command: - gpg --gen-key" - ;; - 1) - keyID=$(echo "$gpgSecOut" | cut -d: -f5) - ;; - *) - echo "Multiple primary secret keys found:" - echo "$gpgSecOut" | cut -d: -f5 - failure "Please specify which primary key to use." - ;; - esac + # check that the keyID is unique + keyID=$(check_gpg_sec_key_id "$@") - # check that a valid authentication key does not already exist - IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do - type=$(echo "$line" | cut -d: -f1) - validity=$(echo "$line" | cut -d: -f2) - usage=$(echo "$line" | cut -d: -f12) - - # look at keys only - if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then - continue - fi - # check for authentication capability - if ! check_capability "$usage" 'a' ; then - continue - fi - # if authentication key is valid, prompt to continue - if [ "$validity" = 'u' ] ; then - log error "A valid authentication key already exists for primary key '$keyID'." - if [ "$PROMPT" = "true" ] ; then - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then - failure "aborting." - fi - break - else - failure "aborting." - fi - fi - done - - # set subkey defaults - # prompt about key expiration if not specified - keyExpire=$(get_gpg_expiration "$keyExpire") + # check that an authentication subkey does not already exist + check_gpg_authentication_subkey "$keyID" # generate the list of commands that will be passed to edit-key editCommands=$(cat < Date: Thu, 19 Feb 2009 15:31:17 -0500 Subject: add a gpg_user function in monkeysphere to add some gpg quieting option, and use it in all gpg invocations. add a trap to subkey_to_ssh_agent. --- src/monkeysphere | 13 +++++++++---- src/share/m/gen_subkey | 2 +- src/share/m/import_subkey | 4 ++-- src/share/m/ssh_proxycommand | 6 +++--- src/share/m/subkey_to_ssh_agent | 13 ++++++++----- 5 files changed, 23 insertions(+), 15 deletions(-) (limited to 'src/share/m') diff --git a/src/monkeysphere b/src/monkeysphere index 4169f2a..cac9a02 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -56,6 +56,11 @@ subcommands: EOF } +# user gpg command to define common options +gpg_user() { + gpg --no-greeting --quiet --no-tty "$@" +} + # take a secret key ID and check that only zero or one ID is provided, # and that it corresponds to only a single secret key ID check_gpg_sec_key_id() { @@ -63,10 +68,10 @@ check_gpg_sec_key_id() { case "$#" in 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') ;; 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure + gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure ;; *) failure "You must specify only a single primary key ID." @@ -104,7 +109,7 @@ check_gpg_authentication_subkey() { # check that a valid authentication key does not already exist IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + for line in $(gpg_user --fixed-list-mode --list-keys --with-colons "$keyID") ; do type=$(echo "$line" | cut -d: -f1) validity=$(echo "$line" | cut -d: -f2) usage=$(echo "$line" | cut -d: -f12) @@ -119,7 +124,7 @@ check_gpg_authentication_subkey() { fi # if authentication key is valid, prompt to continue if [ "$validity" = 'u' ] ; then - log error "A valid authentication key already exists for primary key '$keyID'." + echo "A valid authentication key already exists for primary key '$keyID'." if [ "$PROMPT" = "true" ] ; then read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} if [ "${OK/y/Y}" != 'Y' ] ; then diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index 7c3ebb7..dbd9dd6 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -64,7 +64,7 @@ EOF (umask 077 && mkfifo "$fifoDir/pass") log verbose "generating subkey..." - echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & + echo "$editCommands" | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & # FIXME: this needs to fail more gracefully if the passphrase is incorrect passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index d71c258..f3ca957 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -43,11 +43,11 @@ import_subkey() { if [ "$sshKeyFile" = '-' ] ; then log verbose "importing ssh key from stdin..." ssh2openpgp \ - | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & else log verbose "importing ssh key from file '$sshKeyFile'..." ssh2openpgp <"$sshKeyFile" \ - | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & fi # get the password if needed diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index e07b637..d2b4527 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -43,7 +43,7 @@ EOF # found? # get the gpg info for userid - gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \ + gpgOut=$(gpg_user --list-key --fixed-list-mode --with-colon \ --with-fingerprint --with-fingerprint \ ="$userID" 2>/dev/null) @@ -71,7 +71,7 @@ EOF rm -f "$sshKeyGPGFile" # get the sigs for the matching key - gpgSigOut=$(gpg --check-sigs \ + gpgSigOut=$(gpg_user --check-sigs \ --list-options show-uid-validity \ "$keyid") @@ -171,7 +171,7 @@ URI="ssh://${HOSTP}" # CHECK_KEYSERVER variable in the monkeysphere.conf file. # if the host is in the gpg keyring... -if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then +if gpg_user --list-key ="${URI}" 2>&1 >/dev/null ; then # do not check the keyserver CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index a92718e..818f4f7 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -46,7 +46,8 @@ For more details, see: # get list of secret keys (to work around bug # https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + secretkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint | \ grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') if [ -z "$secretkeys" ]; then @@ -54,7 +55,7 @@ For more details, see: You might want to run 'gpg --gen-key'." fi - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + authsubkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ --fingerprint --fingerprint $secretkeys | \ cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ grep '^fpr::' | cut -f3 -d: | sort -u) @@ -65,6 +66,7 @@ You might want to 'monkeysphere gen-subkey'" fi workingdir=$(msmktempdir) + trap "rm -rf $workingdir" EXIT umask 077 mkfifo "$workingdir/passphrase" keysuccess=1 @@ -79,19 +81,19 @@ You might want to 'monkeysphere gen-subkey'" # fingerprint, but filtering out all / characters to make sure # the filename is legit. - primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) + primaryuid=$(gpg_user --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) #kname="[monkeysphere] $primaryuid" kname="$primaryuid" if [ "$1" = '-d' ]; then # we're removing the subkey: - gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" + gpg_user --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" (cd "$workingdir" && ssh-add -d "$kname") else # we're adding the subkey: mkfifo "$workingdir/$kname" - gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ + gpg_user --passphrase-fd 3 3<"$workingdir/passphrase" \ --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" Date: Thu, 19 Feb 2009 15:46:23 -0500 Subject: the import_subkey function was in fact not implement at all. MUST FIX! --- src/share/m/import_subkey | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/share/m') diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index f3ca957..1823f71 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -33,6 +33,9 @@ import_subkey() { # check that an authentication subkey does not already exist check_gpg_authentication_subkey "$keyID" + # FIXME: implement! + failure "implement me!" + # setup the temp fifo dir for retrieving the key password log debug "creating password fifo..." fifoDir=$(msmktempdir) @@ -42,11 +45,11 @@ import_subkey() { # import ssh key to as authentication subkey if [ "$sshKeyFile" = '-' ] ; then log verbose "importing ssh key from stdin..." - ssh2openpgp \ + PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & else log verbose "importing ssh key from file '$sshKeyFile'..." - ssh2openpgp <"$sshKeyFile" \ + PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$sshKeyFile" \ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & fi -- cgit v1.2.3 From 21e298b8df5108b1337d66ba1a39184be4ce0e4e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 22:39:00 -0500 Subject: remove import_subkey from monkeysphere usage and man page until we get a chance to fully implement it. --- man/man1/monkeysphere.1 | 8 -------- src/monkeysphere | 1 - src/share/m/import_subkey | 6 +++--- 3 files changed, 3 insertions(+), 12 deletions(-) (limited to 'src/share/m') diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 345e1d8..887b5df 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -56,14 +56,6 @@ ID, 1 if no matching keys were found at all, and 2 if matching keys were found but none were acceptable. `a' may be used in place of `update-authorized_keys'. .TP -.B import-subkey FILE [KEYID] -Import an existing ssh RSA key as an authentication subkey for a -private key in your GnuPG keyring. KEYID is the key ID for the -primary key for which the subkey with "authentication" capability will -be imported. If no key ID is specified, but only one key exists in -the secret keyring, that key will be used. `i' may be used in place -of `import-subkey'. -.TP .B gen-subkey [KEYID] Generate an authentication subkey for a private key in your GnuPG keyring. KEYID is the key ID for the primary key for which the subkey diff --git a/src/monkeysphere b/src/monkeysphere index cac9a02..a65cef6 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -45,7 +45,6 @@ Monkeysphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file update-authorized_keys (a) update authorized_keys file - import-subkey (i) FILE [KEYID] import existing ssh key as gpg subkey gen-subkey (g) [KEYID] generate an authentication subkey --length (-l) BITS key length in bits (2048) ssh-proxycommand monkeysphere ssh ProxyCommand diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index 1823f71..7333f80 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -19,6 +19,9 @@ import_subkey() { local gpgSecOut local fifoDir + # FIXME: implement! + failure "implement me!" + sshKeyFile="$1" shift @@ -33,9 +36,6 @@ import_subkey() { # check that an authentication subkey does not already exist check_gpg_authentication_subkey "$keyID" - # FIXME: implement! - failure "implement me!" - # setup the temp fifo dir for retrieving the key password log debug "creating password fifo..." fifoDir=$(msmktempdir) -- cgit v1.2.3 From 826bfb547cc82252f18e63a25bb7ee5aeaaebc72 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Feb 2009 22:40:02 -0500 Subject: correcting ssh_proxycommand output. --- src/share/m/ssh_proxycommand | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/share/m') diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index e07b637..0a81500 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -66,7 +66,7 @@ EOF sshKeyGPGFile=$(msmktempfile) printf "%s" "$sshKeyGPG" >"$sshKeyGPGFile" - sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" \ + sshFingerprint=$(ssh-keygen -l -f "$sshKeyGPGFile" | \ awk '{ print $2 }') rm -f "$sshKeyGPGFile" -- cgit v1.2.3 From 2401c44bf177ca12f135109eb03b8610313f0218 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 20 Feb 2009 00:50:46 -0500 Subject: document why monkeysphere import-subkey is not yet working. --- src/share/m/import_subkey | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/share/m') diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index 7333f80..8d60f26 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -13,6 +13,11 @@ # import an existing ssh key as a gpg subkey +## 2009-02-20 00:49:11-0500: This is not implemented yet, because we +## don't currently have a good way to manipulate the user's OpenPGP +## secret key such that we could make a proper subkey binding +## signature. + import_subkey() { local sshKeyFile local keyID @@ -20,7 +25,7 @@ import_subkey() { local fifoDir # FIXME: implement! - failure "implement me!" + failure "import-subkey is not implemented yet. We welcome patches. Sorry!" sshKeyFile="$1" shift -- cgit v1.2.3