From c4f049f6a8dfd1e0e301a6abffafb5c0012ccc0e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 12 Feb 2009 13:25:35 -0500 Subject: break out a bunch of common functions in monkeysphere-host: - create_*_*_file to create the key files - load_*fingerprint to load the host fingerprint into an exported variable (HOST_FINGERPRINT) - check_host_*key to check for the presence of a host key modified {import,gen}_key to use these new functions. --- src/share/mh/import_key | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 99511a8..9be8dce 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -16,10 +16,6 @@ import_key() { local hostName local userID -# check for presense of a key -[ "$HOST_FINGERPRINT" ] && \ - failure "An OpenPGP host key already exists." - hostName=${1:-$(hostname -f)} userID="ssh://${hostName}" @@ -33,12 +29,11 @@ log verbose "importing ssh key..." PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \ gpg_host --import -# find the key fingerprint of the newly converted key -HOST_FINGERPRINT=$(get_host_fingerprint) -export HOST_FINGERPRINT +# load the new host fpr into the fpr variable +load_fingerprint_secret -# export public key to file -gpg_host_export_to_ssh_file +# export to gpg public key to file +create_gpg_pub_file # show info about new key show_key -- cgit v1.2.3 From d06d6df892ab42e184d22f9a6686ae6689a711a1 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 15 Feb 2009 22:50:35 -0500 Subject: have the import_key also create the ssh pub file, since it is needed to show full host key info. --- src/share/mh/import_key | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 9be8dce..9415b4d 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key 
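Review bot: In the import_key hunk of c4f049f (`@@ -16,10 +16,6 @@`), the existing-key guard is removed from the function and nothing in this file replaces it. The commit message mentions check_host_*key helpers, but their call site is outside this page. If the caller does not run that check first, a second import would add another secret key to the host keyring, and load_fingerprint_secret could then return more than one fingerprint (inferred, since its body is not shown in this hunk). Either keep a guard at the top of import_key, e.g. `check_host_key`, or document the precondition with `# caller must have run check_host_key before import_key`. import_key's body continues outside the hunk.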
@@ -32,6 +32,9 @@ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \ # load the new host fpr into the fpr variable load_fingerprint_secret +# export to ssh public key file +create_ssh_pub_file + # export to gpg public key to file create_gpg_pub_file -- cgit v1.2.3 From 9f033ac0c9a96acbbc583327026adb37e4d5a8a9 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 15 Feb 2009 23:25:51 -0500 Subject: Change import_key to take the path to the file to import as an argument. dkg won't like this, but I think it's necessary so that we can generate the ssh pub key file, which is needed for subsequenty works. --- src/share/mh/import_key | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 9415b4d..cab2cf5 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -13,11 +13,14 @@ import_key() { +local keyFile local hostName local userID -hostName=${1:-$(hostname -f)} +keyFile="$1" +[ -f "$keyFile" ] +hostName=${2:-$(hostname -f)} userID="ssh://${hostName}" # create host home @@ -26,14 +29,16 @@ chmod 700 "$GNUPGHOME_HOST" log verbose "importing ssh key..." # translate ssh key to a private key -PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \ - gpg_host --import +PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$keyFile" \ + | gpg_host --import # load the new host fpr into the fpr variable load_fingerprint_secret -# export to ssh public key file -create_ssh_pub_file +# export the host public key to the monkeysphere ssh pub key file +log debug "creating ssh public key file..." +ssh-keygen -y -f "$keyFile" > "$HOST_KEY_PUB" +log info "SSH host public key file: $HOST_KEY_PUB" # export to gpg public key to file create_gpg_pub_file -- cgit v1.2.3 From b55981fb8aa689aede58ed7ab4d8692c52b5c472 Mon Sep 17 00:00:00 2001 
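Review bot: In the first import_key hunk of 9f033ac (`@@ -13,11 +13,14 @@`), the added `[ -f "$keyFile" ]` discards its result, so unless the script runs with errexit (not visible here) a missing or empty path falls straight through to `pem2openpgp "$userID" <"$keyFile"`. Make the check fail explicitly, e.g. `[ -f "$keyFile" ] || failure "Key file '$keyFile' not found."`. The second hunk (`@@ -26,14 +29,16 @@`) has the same gap: `ssh-keygen -y -f "$keyFile" > "$HOST_KEY_PUB"` creates or truncates the pub file even when ssh-keygen fails, and the following `log info` reports the file regardless. import_key's body continues outside both hunks.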
From: Jameson Graef Rollins Date: Mon, 16 Feb 2009 01:08:28 -0500 Subject: make sure MHTMPDIR is defined and created --- src/monkeysphere-host | 4 ++++ src/share/mh/add_revoker | 2 +- src/share/mh/gen_key | 6 ++++-- src/share/mh/import_key | 6 ++++-- 4 files changed, 13 insertions(+), 5 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 32d843b..d6e4c68 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -32,6 +32,10 @@ MHSHAREDIR="${SYSSHAREDIR}/mh" # datadir for host functions MHDATADIR="${SYSDATADIR}/host" +# temp directory for temp gnupghome directories for add_revoker +MHTMPDIR="${MHDATADIR}/tmp" +export MHTMPDIR + # host pub key files HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub" HOST_KEY_PUB_GPG="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index 8d160a8..5b637a5 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -53,7 +53,7 @@ if [ -f "$keyID" ] ; then fi else # create a temporary directory for storing the downloaded key - TMPLOC=$(mktemp -d ${MHTMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" + TMPLOC=$(mktemp -d "${MHTMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" # download the key from the keyserver as the monkeysphere user su_monkeysphere_user \ diff --git a/src/share/mh/gen_key b/src/share/mh/gen_key index 3b9a269..96053bc 100644 --- a/src/share/mh/gen_key +++ b/src/share/mh/gen_key 
@@ -41,8 +41,10 @@ hostName=${1:-$(hostname -f)} userID="ssh://${hostName}" # create host home -mkdir -p "$GNUPGHOME_HOST" -chmod 700 "$GNUPGHOME_HOST" +mkdir -p "${MHDATADIR}" +mkdir -p "${MHTMPDIR}" +mkdir -p "${GNUPGHOME_HOST}" +chmod 700 "${GNUPGHOME_HOST}" log debug "generating host key..." gpg_host --batch --gen-key < Date: Mon, 16 Feb 2009 20:15:58 -0500 Subject: Stop all creation of a ssh_host_rsa_key.pub. Use openpgp2ssh to get the fingerprint from the host pgp public key. Prevents us from having to maintain the ssh pub key file, and generally makes things simpler. Also allows us to go back to having import_key take the key on stdin (which dkg will like). --- src/monkeysphere-host | 40 ++++++++++++---------------------------- src/share/mh/import_key | 18 ++++++------------ 2 files changed, 18 insertions(+), 40 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index d6e4c68..64023e0 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -37,8 +37,7 @@ MHTMPDIR="${MHDATADIR}/tmp" export MHTMPDIR # host pub key files -HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub" -HOST_KEY_PUB_GPG="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" +HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" # UTC date in ISO 8601 format if needed DATE=$(date -u '+%FT%T') 
@@ -95,17 +94,12 @@ gpg_host_edit() { "0x${HOST_FINGERPRINT}!" "$@" } -# export the host key to stdout -gpg_host_export() { - gpg_host --export --armor --export-options export-minimal \ - "0x${HOST_FINGERPRINT}!" -} - # export the host public key to the monkeysphere gpg pub key file create_gpg_pub_file() { log debug "creating openpgp public key file..." - gpg_host_export > "$HOST_KEY_PUB_GPG" - log info "GPG host public key file: $HOST_KEY_PUB_GPG" + gpg_host --export --armor --export-options export-minimal \ + "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE" + log info "GPG host public key file: $HOST_KEY_FILE" } # load the host fingerprint into the fingerprint variable, using the @@ -114,12 +108,12 @@ create_gpg_pub_file() { # stuff. is there a way we can do this without having to create temp # files? load_fingerprint() { - if [ -f "$HOST_KEY_PUB_GPG" ] ; then + if [ -f "$HOST_KEY_FILE" ] ; then HOST_FINGERPRINT=$( \ (FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \ && gpg --quiet --import \ && gpg --quiet --list-keys --with-colons --with-fingerprint \ - && rm -rf "$FUBAR") <"$HOST_KEY_PUB_GPG" \ + && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \ | grep '^fpr:' | cut -d: -f10 ) else HOST_FINGERPRINT= @@ -135,13 +129,6 @@ load_fingerprint_secret() { | grep '^fpr:' | cut -d: -f10 ) } -# output host key ssh fingerprint -load_ssh_fingerprint() { - [ -f "$HOST_KEY_PUB" ] || return 0 - HOST_FINGERPRINT_SSH=$(ssh-keygen -l -f "$HOST_KEY_PUB" \ - | awk '{ print $1, $2, $4 }') -} - # fail if host key present check_host_key() { [ -z "$HOST_FINGERPRINT" ] \ 
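Review bot: In create_gpg_pub_file (`@@ -95,17 +94,12 @@`), the redirect `> "$HOST_KEY_FILE"` truncates the published host key file before gpg runs, so a failed or empty export (for example with `HOST_FINGERPRINT` unset) leaves an empty file behind while the next line still logs it as written. Export to a sibling file, check that it is non-empty, and rename it over the target only on success. The same pattern carries over to update_gpg_pub_file in the later rename commit 5eab477, where it runs after every keyring edit, so a single failed export there would wipe the previously good key file.

```shell
create_gpg_pub_file() {
    log debug "creating openpgp public key file..."
    # export next to the target and rename on success, so a failed
    # export never replaces a good key file with an empty one
    if gpg_host --export --armor --export-options export-minimal \
        "0x${HOST_FINGERPRINT}!" > "${HOST_KEY_FILE}.new" \
        && [ -s "${HOST_KEY_FILE}.new" ] ; then
        mv -f "${HOST_KEY_FILE}.new" "$HOST_KEY_FILE"
    else
        rm -f "${HOST_KEY_FILE}.new"
        failure "Could not export host public key."
    fi
    log info "GPG host public key file: $HOST_KEY_FILE"
}
```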
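Review bot: In load_fingerprint (`@@ -114,12 +108,12 @@`), the temporary GNUPGHOME is removed only as the last link of an `&&` chain, so when either gpg call fails the directory created by `mktemp -d` is left behind. Install the cleanup inside the subshell right after creation, e.g. `FUBAR=$(mktemp -d) && trap 'rm -rf "$FUBAR"' EXIT && export GNUPGHOME="$FUBAR"`, and drop the trailing `&& rm -rf "$FUBAR"`. The function's body ends outside the hunk.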
@@ -186,13 +173,11 @@ show_key() { echo "OpenPGP fingerprint: $HOST_FINGERPRINT" - load_ssh_fingerprint - - if [ "$HOST_FINGERPRINT_SSH" ] ; then - echo "ssh fingerprint: $HOST_FINGERPRINT_SSH" - else - log error "SSH host key not found." - fi + echo -n "ssh fingerprint: " + ssh-keygen -l -f /dev/stdin \ + <<<$( gpg_host --export FEE16FA3 2>/dev/null \ + | openpgp2ssh 8445B5203A8443B4B04F637DD4DE66B2FEE16FA3 2>/dev/null) \ + | awk '{ print $1, $2, $4 }' # FIXME: other relevant key parameters? } @@ -229,7 +214,6 @@ export KEYSERVER export GNUPGHOME_HOST export GNUPGHOME export HOST_FINGERPRINT= -export HOST_FINGERPRINT_SSH= # get subcommand COMMAND="$1" @@ -294,7 +278,7 @@ case $COMMAND in usage: $PGRM expert [options] [args] expert subcommands: - import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg + import-key (i) [NAME[:PORT]] import existing ssh key to gpg gen-key (g) [NAME[:PORT]] generate gpg key for the host --length (-l) BITS key length in bits (2048) diagnostics (d) monkeysphere host status diff --git a/src/share/mh/import_key b/src/share/mh/import_key index e5982ca..74dc0b3 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -13,14 +13,10 @@ import_key() { -local keyFile local hostName local userID -keyFile="$1" -[ -f "$keyFile" ] - -hostName=${2:-$(hostname -f)} +hostName=${1:-$(hostname -f)} userID="ssh://${hostName}" # create host home 
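Review bot: In show_key (`@@ -186,13 +173,11 @@`), the new pipeline exports the literal key ID `FEE16FA3` and passes the literal fingerprint `8445B5203A8443B4B04F637DD4DE66B2FEE16FA3` to openpgp2ssh instead of using `$HOST_FINGERPRINT`. The "ssh fingerprint" line therefore describes that fixed key, or prints nothing because both commands send stderr to /dev/null, rather than this host's key. This is the value an administrator compares when verifying the host, so it should come from the loaded fingerprint: `gpg_host --export "0x${HOST_FINGERPRINT}!"` and `openpgp2ssh "$HOST_FINGERPRINT"`. It would also help to log an error when the pipeline yields no output instead of leaving a bare `ssh fingerprint: ` label. show_key begins before the hunk.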
@@ -31,17 +27,15 @@ chmod 700 "${GNUPGHOME_HOST}" log verbose "importing ssh key..." # translate ssh key to a private key -PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$keyFile" \ +PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ | gpg_host --import -# load the new host fpr into the fpr variable +# load the new host fpr into the fpr variable. this is so we can +# create the gpg pub key file. we have to do this from the secret key +# ring since we obviously don't have the gpg pub key file yet, since +# that's what we're trying to produce (see below). load_fingerprint_secret -# export the host public key to the monkeysphere ssh pub key file -log debug "creating ssh public key file..." -ssh-keygen -y -f "$keyFile" > "$HOST_KEY_PUB" -log info "SSH host public key file: $HOST_KEY_PUB" - # export to gpg public key to file create_gpg_pub_file -- cgit v1.2.3 From f109b94f07ff55cf99976dc3cfe23b54b3797ad8 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Mon, 16 Feb 2009 23:45:28 -0500 Subject: add some minimal checks to import_key that the default hostname is legitimate. --- src/share/mh/import_key | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 74dc0b3..ac31133 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key 
@@ -14,9 +14,27 @@ import_key() { local hostName +local domain local userID -hostName=${1:-$(hostname -f)} +hostName="$1" + +# use the default hostname if not specified +if [ -z "$hostName" ] ; then + hostName=$(hostname -f) + # test that the domain is not obviously illegitimate + domain=${foo##*.} + case $domain in + 'local'|'localdomain') + failure "Host domain '$domain' is not legitimate. Aborting key import." + ;; + esac + # test that there are at least two parts + if (( $(echo "$hostName" | tr . ' ' | wc -w) < 2 )) ; then + failure "Host name '$hostName' is not legitimate. Aborting key import." + fi +fi + userID="ssh://${hostName}" # create host home -- cgit v1.2.3 From c28fa7681093d282acad7f14ecad99b6e209c056 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 17 Feb 2009 02:02:23 -0500 Subject: set ultimate ownertrust on hostkey after import --- src/share/mh/import_key | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index ac31133..ed6ee4f 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -54,6 +54,12 @@ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ # that's what we're trying to produce (see below). load_fingerprint_secret +# set ultimate owner trust on the newly imported key +printf "%s:6:\n" "$HOST_FINGERPRINT" | gpg_host --import-ownertrust + +# update trustdb +gpg_host --check-trustdb + # export to gpg public key to file create_gpg_pub_file -- cgit v1.2.3 From 5eab477a9755178abf56eeba5f658db882611eec Mon Sep 17 00:00:00 2001 
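Review bot: In the hostname check added to import_key by f109b94 (`@@ -14,9 +14,27 @@`), `domain=${foo##*.}` expands a variable that is never set in the visible code, so `domain` is always empty and the 'local'/'localdomain' rejection can never fire. The line should read `domain=${hostName##*.}`. The result of `hostname -f` is also used unchecked; an empty result is caught only indirectly by the word-count test, so `hostName=$(hostname -f) || failure "Could not determine host name."` would make the failure explicit. import_key's body continues outside the hunk.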
From: Jameson Graef Rollins Date: Tue, 17 Feb 2009 02:23:17 -0500 Subject: rename create_gpg_pub_file to be update_gpg_pub_file, and add it to every function that alters the host keyring, so that all changes will show up in exported pub key file, and in show-key. --- src/monkeysphere-host | 10 +++++----- src/share/mh/add_hostname | 2 ++ src/share/mh/add_revoker | 2 ++ src/share/mh/import_key | 2 +- src/share/mh/revoke_hostname | 2 ++ src/share/mh/set_expire | 2 ++ 6 files changed, 14 insertions(+), 6 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 9d3ccb1..a7b9697 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -97,11 +97,10 @@ gpg_host_edit() { } # export the host public key to the monkeysphere gpg pub key file -create_gpg_pub_file() { - log debug "creating openpgp public key file..." +update_gpg_pub_file() { + log debug "updating openpgp public key file '$HOST_KEY_FILE'..." gpg_host --export --armor --export-options export-minimal \ "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE" - log info "GPG host public key file: $HOST_KEY_FILE" } # load the host fingerprint into the fingerprint variable, using the @@ -140,7 +139,8 @@ check_host_key() { # fail if host key not present check_host_no_key() { [ -s "$HOST_KEY_FILE" ] \ - || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host import-key' first." + || failure "You don't appear to have a Monkeysphere host key on this server. +Please run 'monkeysphere-host import-key' first." } # output the index of a user ID on the host key @@ -184,7 +184,7 @@ show_key() { # list the host key info # FIXME: make no-show-keyring work so we don't have to do the grep'ing - # FIXME: why is this not showing key expiration? + # FIXME: can we show uid validity somehow? gpg --list-keys --fingerprint \ --list-options show-unusable-uids 2>/dev/null \ | grep -v "^${GNUPGHOME}/pubring.gpg$" \ 
diff --git a/src/share/mh/add_hostname b/src/share/mh/add_hostname index 46326bb..910faf6 100644 --- a/src/share/mh/add_hostname +++ b/src/share/mh/add_hostname @@ -51,6 +51,8 @@ EOF # execute edit-key script if echo "$adduidCommand" | gpg_host_edit ; then + update_gpg_pub_file + show_key echo diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index b6affbb..1464ae8 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -97,6 +97,8 @@ failure "not implemented yet!" if echo "$addrevokerCommand" | \ gpg_core_edit ; then + update_gpg_pub_file + log info "Revoker added." else failure "Problem adding revoker." diff --git a/src/share/mh/import_key b/src/share/mh/import_key index ed6ee4f..6f12b7f 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -61,7 +61,7 @@ printf "%s:6:\n" "$HOST_FINGERPRINT" | gpg_host --import-ownertrust gpg_host --check-trustdb # export to gpg public key to file -create_gpg_pub_file +update_gpg_pub_file # show info about new key show_key diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname index 3addf90..99ba603 100644 --- a/src/share/mh/revoke_hostname +++ b/src/share/mh/revoke_hostname @@ -65,6 +65,8 @@ EOF # execute edit-key script if echo "$revuidCommand" | gpg_host_edit ; then + update_gpg_pub_file + show_key echo diff --git a/src/share/mh/set_expire b/src/share/mh/set_expire index b03e0d0..0b581d9 100644 --- a/src/share/mh/set_expire +++ b/src/share/mh/set_expire @@ -29,6 +29,8 @@ $extendTo save EOF +update_gpg_pub_file + cat < Date: Tue, 17 Feb 2009 19:43:20 -0500 Subject: remove setting of ultimate owner trust on imported host key, since we probably don't want the host keyring to be accepting any certifications for anything. --- src/share/mh/import_key | 6 ------ 1 file changed, 6 deletions(-) (limited to 'src/share/mh/import_key') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 6f12b7f..d14fc13 100644 --- a/src/share/mh/import_key 
+++ b/src/share/mh/import_key @@ -54,12 +54,6 @@ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ # that's what we're trying to produce (see below). load_fingerprint_secret -# set ultimate owner trust on the newly imported key -printf "%s:6:\n" "$HOST_FINGERPRINT" | gpg_host --import-ownertrust - -# update trustdb -gpg_host --check-trustdb - # export to gpg public key to file update_gpg_pub_file -- cgit v1.2.3