From 8a22863a92cb1df4ed265aed442166c9f1a5387d Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 31 Jan 2009 20:43:23 -0500 Subject: change hyphens to underscores in function file names, for consistency with function definitions themselves --- src/subcommands/m/gen-subkey | 127 ----------------- src/subcommands/m/gen_subkey | 127 +++++++++++++++++ src/subcommands/m/import-subkey | 54 -------- src/subcommands/m/import_subkey | 54 ++++++++ src/subcommands/m/ssh-proxycommand | 252 ---------------------------------- src/subcommands/m/ssh_proxycommand | 252 ++++++++++++++++++++++++++++++++++ src/subcommands/m/subkey-to-ssh-agent | 112 --------------- src/subcommands/m/subkey_to_ssh_agent | 112 +++++++++++++++ 8 files changed, 545 insertions(+), 545 deletions(-) delete mode 100644 src/subcommands/m/gen-subkey create mode 100644 src/subcommands/m/gen_subkey delete mode 100644 src/subcommands/m/import-subkey create mode 100644 src/subcommands/m/import_subkey delete mode 100644 src/subcommands/m/ssh-proxycommand create mode 100644 src/subcommands/m/ssh_proxycommand delete mode 100644 src/subcommands/m/subkey-to-ssh-agent create mode 100644 src/subcommands/m/subkey_to_ssh_agent (limited to 'src/subcommands/m') diff --git a/src/subcommands/m/gen-subkey b/src/subcommands/m/gen-subkey deleted file mode 100644 index cbefaa3..0000000 --- a/src/subcommands/m/gen-subkey +++ /dev/null @@ -1,127 +0,0 @@ -# -*-shell-script-*- -# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) - -# Monkeysphere gen-subkey subcommand -# -# The monkeysphere scripts are written by: -# Jameson Rollins -# Jamie McClelland -# Daniel Kahn Gillmor -# -# They are Copyright 2008-2009, and are all released under the GPL, -# version 3 or later. - -# generate a subkey with the 'a' usage flags set - -gen_subkey(){ - local keyLength - local keyExpire - local keyID - local gpgOut - local userID - - # get options - while true ; do - case "$1" in - -l|--length) - keyLength="$2" - shift 2 - ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; - *) - if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then - failure "Unknown option '$1'. -Type '$PGRM help' for usage." - fi - break - ;; - esac - done - - case "$#" in - 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') - ;; - 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure - ;; - *) - failure "You must specify only a single primary key ID." - ;; - esac - - # check that only a single secret key was found - case $(echo "$gpgSecOut" | grep -c '^sec:') in - 0) - failure "No secret keys found. Create an OpenPGP key with the following command: - gpg --gen-key" - ;; - 1) - keyID=$(echo "$gpgSecOut" | cut -d: -f5) - ;; - *) - echo "Multiple primary secret keys found:" - echo "$gpgSecOut" | cut -d: -f5 - failure "Please specify which primary key to use." - ;; - esac - - # check that a valid authentication key does not already exist - IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do - type=$(echo "$line" | cut -d: -f1) - validity=$(echo "$line" | cut -d: -f2) - usage=$(echo "$line" | cut -d: -f12) - - # look at keys only - if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then - continue - fi - # check for authentication capability - if ! check_capability "$usage" 'a' ; then - continue - fi - # if authentication key is valid, prompt to continue - if [ "$validity" = 'u' ] ; then - echo "A valid authentication key already exists for primary key '$keyID'." - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then - failure "aborting." - fi - break - fi - done - - # set subkey defaults - # prompt about key expiration if not specified - keyExpire=$(get_gpg_expiration "$keyExpire") - - # generate the list of commands that will be passed to edit-key - editCommands=$(cat < +# Jamie McClelland +# Daniel Kahn Gillmor +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# generate a subkey with the 'a' usage flags set + +gen_subkey(){ + local keyLength + local keyExpire + local keyID + local gpgOut + local userID + + # get options + while true ; do + case "$1" in + -l|--length) + keyLength="$2" + shift 2 + ;; + -e|--expire) + keyExpire="$2" + shift 2 + ;; + *) + if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then + failure "Unknown option '$1'. +Type '$PGRM help' for usage." + fi + break + ;; + esac + done + + case "$#" in + 0) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + ;; + 1) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure + ;; + *) + failure "You must specify only a single primary key ID." + ;; + esac + + # check that only a single secret key was found + case $(echo "$gpgSecOut" | grep -c '^sec:') in + 0) + failure "No secret keys found. Create an OpenPGP key with the following command: + gpg --gen-key" + ;; + 1) + keyID=$(echo "$gpgSecOut" | cut -d: -f5) + ;; + *) + echo "Multiple primary secret keys found:" + echo "$gpgSecOut" | cut -d: -f5 + failure "Please specify which primary key to use." + ;; + esac + + # check that a valid authentication key does not already exist + IFS=$'\n' + for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + type=$(echo "$line" | cut -d: -f1) + validity=$(echo "$line" | cut -d: -f2) + usage=$(echo "$line" | cut -d: -f12) + + # look at keys only + if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then + continue + fi + # check for authentication capability + if ! check_capability "$usage" 'a' ; then + continue + fi + # if authentication key is valid, prompt to continue + if [ "$validity" = 'u' ] ; then + echo "A valid authentication key already exists for primary key '$keyID'." + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + fi + done + + # set subkey defaults + # prompt about key expiration if not specified + keyExpire=$(get_gpg_expiration "$keyExpire") + + # generate the list of commands that will be passed to edit-key + editCommands=$(cat < -# Jamie McClelland -# Daniel Kahn Gillmor -# -# They are Copyright 2008-2009, and are all released under the GPL, -# version 3 or later. - -# import an existing ssh key as a gpg subkey - -import_subkey() { - local keyFile="~/.ssh/id_rsa" - local keyExpire - local keyID - local gpgOut - local userID - - # get options - while true ; do - case "$1" in - -f|--keyfile) - keyFile="$2" - shift 2 - ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; - *) - if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then - failure "Unknown option '$1'. -Type '$PGRM help' for usage." - fi - break - ;; - esac - done - - log verbose "importing ssh key..." - fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - (umask 077 && mkfifo "$fifoDir/pass") - ssh2openpgp | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & - - passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" - - rm -rf "$fifoDir" - wait - log verbose "done." -} diff --git a/src/subcommands/m/import_subkey b/src/subcommands/m/import_subkey new file mode 100644 index 0000000..aa89958 --- /dev/null +++ b/src/subcommands/m/import_subkey @@ -0,0 +1,54 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# Monkeysphere import-subkey subcommand +# +# The monkeysphere scripts are written by: +# Jameson Rollins +# Jamie McClelland +# Daniel Kahn Gillmor +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# import an existing ssh key as a gpg subkey + +import_subkey() { + local keyFile="~/.ssh/id_rsa" + local keyExpire + local keyID + local gpgOut + local userID + + # get options + while true ; do + case "$1" in + -f|--keyfile) + keyFile="$2" + shift 2 + ;; + -e|--expire) + keyExpire="$2" + shift 2 + ;; + *) + if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then + failure "Unknown option '$1'. +Type '$PGRM help' for usage." + fi + break + ;; + esac + done + + log verbose "importing ssh key..." + fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + (umask 077 && mkfifo "$fifoDir/pass") + ssh2openpgp | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + + passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" + + rm -rf "$fifoDir" + wait + log verbose "done." +} diff --git a/src/subcommands/m/ssh-proxycommand b/src/subcommands/m/ssh-proxycommand deleted file mode 100644 index 56a266e..0000000 --- a/src/subcommands/m/ssh-proxycommand +++ /dev/null @@ -1,252 +0,0 @@ -# -*-shell-script-*- -# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) - -# monkeysphere-ssh-proxycommand: MonkeySphere ssh ProxyCommand hook -# -# The monkeysphere scripts are written by: -# Jameson Rollins -# Daniel Kahn Gillmor -# -# They are Copyright 2008-2009, and are all released under the GPL, -# version 3 or later. - -# This is meant to be run as an ssh ProxyCommand to initiate a -# monkeysphere known_hosts update before an ssh connection to host is -# established. Can be added to ~/.ssh/config as follows: -# ProxyCommand monkeysphere-ssh-proxycommand %h %p - -######################################################################## -PGRM=$(basename $0) - -SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} -export SYSSHAREDIR -. "${SYSSHAREDIR}/common" || exit 1 - -######################################################################## -# FUNCTIONS -######################################################################## - -usage() { - cat <&2 -usage: ssh -o ProxyCommand="$(basename $0) %h %p" ... -EOF -} - -log() { - echo "$@" >&2 -} - -output_no_valid_key() { - local sshKeyOffered - local userID - local type - local validity - local keyid - local uidfpr - local usage - local sshKeyGPG - local tmpkey - local sshFingerprint - local gpgSigOut - - userID="ssh://${HOSTP}" - - log "-------------------- Monkeysphere warning -------------------" - log "Monkeysphere found OpenPGP keys for this hostname, but none had full validity." - - # retrieve the actual ssh key - sshKeyOffered=$(ssh-keyscan -t rsa -p "$PORT" "$HOST" 2>/dev/null | awk '{ print $2, $3 }') - # FIXME: should we do any checks for failed keyscans, eg. host not - # found? - - # get the gpg info for userid - gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \ - --with-fingerprint --with-fingerprint \ - ="$userID" 2>/dev/null) - - # find all 'pub' and 'sub' lines in the gpg output, which each - # represent a retrieved key for the user ID - echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \ - while IFS=: read -r type validity keyid uidfpr usage ; do - case $type in - 'pub'|'sub') - # get the ssh key of the gpg key - sshKeyGPG=$(gpg2ssh "$keyid") - - # if one of keys found matches the one offered by the - # host, then output info - if [ "$sshKeyGPG" = "$sshKeyOffered" ] ; then - log "An OpenPGP key matching the ssh key offered by the host was found:" - log - - # do some crazy "Here Strings" redirection to get the key to - # ssh-keygen, since it doesn't read from stdin cleanly - sshFingerprint=$(ssh-keygen -l -f /dev/stdin \ - <<<$(echo "$sshKeyGPG") | \ - awk '{ print $2 }') - - # get the sigs for the matching key - gpgSigOut=$(gpg --check-sigs \ - --list-options show-uid-validity \ - "$keyid") - - # output the sigs, but only those on the user ID - # we are looking for - echo "$gpgSigOut" | awk ' -{ -if (match($0,"^pub")) { print; } -if (match($0,"^uid")) { ok=0; } -if (match($0,"^uid.*'$userID'$")) { ok=1; print; } -if (ok) { if (match($0,"^sig")) { print; } } -} -' >&2 - log - - # output the other user IDs for reference - if (echo "$gpgSigOut" | grep "^uid" | grep -v -q "$userID") ; then - log "Other user IDs on this key:" - echo "$gpgSigOut" | grep "^uid" | grep -v "$userID" >&2 - log - fi - - # output ssh fingerprint - log "RSA key fingerprint is ${sshFingerprint}." - - # this whole process is in a "while read" - # subshell. the only way to get information out - # of the subshell is to change the return code. - # therefore we return 1 here to indicate that a - # matching gpg key was found for the ssh key - # offered by the host - return 1 - fi - ;; - esac - done - - # if no key match was made (and the "while read" subshell returned - # 1) output how many keys were found - if (($? != 1)) ; then - log "None of the found keys matched the key offered by the host." - log "Run the following command for more info about the found keys:" - log "gpg --check-sigs --list-options show-uid-validity =${userID}" - # FIXME: should we do anything extra here if the retrieved - # host key is actually in the known_hosts file and the ssh - # connection will succeed? Should the user be warned? - # prompted? - fi - - log "-------------------- ssh continues below --------------------" -} - -######################################################################## - -# export the monkeysphere log level -export MONKEYSPHERE_LOG_LEVEL - -if [ "$1" = '--no-connect' ] ; then - NO_CONNECT='true' - shift 1 -fi - -HOST="$1" -PORT="$2" - -if [ -z "$HOST" ] ; then - log "Host not specified." - usage - exit 255 -fi -if [ -z "$PORT" ] ; then - PORT=22 -fi - -# set the host URI -if [ "$PORT" != '22' ] ; then - HOSTP="${HOST}:${PORT}" -else - HOSTP="${HOST}" -fi -URI="ssh://${HOSTP}" - -# specify keyserver checking. the behavior of this proxy command is -# intentionally different than that of running monkeyesphere normally, -# and keyserver checking is intentionally done under certain -# circumstances. This can be overridden by setting the -# MONKEYSPHERE_CHECK_KEYSERVER environment variable. - -# if the host is in the gpg keyring... -if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then - # do not check the keyserver - CHECK_KEYSERVER="false" - -# if the host is NOT in the keyring... -else - # if the host key is found in the known_hosts file... - # FIXME: this only works for default known_hosts location - hostKey=$(ssh-keygen -F "$HOST" 2>/dev/null) - - if [ "$hostKey" ] ; then - # do not check the keyserver - # FIXME: more nuanced checking should be done here to properly - # take into consideration hosts that join monkeysphere by - # converting an existing and known ssh key - CHECK_KEYSERVER="false" - - # if the host key is not found in the known_hosts file... - else - # check the keyserver - CHECK_KEYSERVER="true" - fi -fi -# set and export the variable for use by monkeysphere -MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"} -export MONKEYSPHERE_CHECK_KEYSERVER - -# update the known_hosts file for the host -monkeysphere update-known_hosts "$HOSTP" - -# output on depending on the return of the update-known_hosts -# subcommand, which is (ultimately) the return code of the -# update_known_hosts function in common -case $? in - 0) - # acceptable host key found so continue to ssh - true - ;; - 1) - # no hosts at all found so also continue (drop through to - # regular ssh host verification) - true - ;; - 2) - # at least one *bad* host key (and no good host keys) was - # found, so output some usefull information - output_no_valid_key - ;; - *) - # anything else drop through - true - ;; -esac - -# FIXME: what about the case where monkeysphere successfully finds a -# valid key for the host and adds it to the known_hosts file, but a -# different non-monkeysphere key for the host already exists in the -# known_hosts, and it is this non-ms key that is offered by the host? -# monkeysphere will succeed, and the ssh connection will succeed, and -# the user will be left with the impression that they are dealing with -# a OpenPGP/PKI host key when in fact they are not. should we use -# ssh-keyscan to compare the keys first? - -# exec a netcat passthrough to host for the ssh connection -if [ -z "$NO_CONNECT" ] ; then - if (which nc 2>/dev/null >/dev/null); then - exec nc "$HOST" "$PORT" - elif (which socat 2>/dev/null >/dev/null); then - exec socat STDIO "TCP:$HOST:$PORT" - else - echo "Neither netcat nor socat found -- could not complete monkeysphere-ssh-proxycommand connection to $HOST:$PORT" >&2 - exit 255 - fi -fi diff --git a/src/subcommands/m/ssh_proxycommand b/src/subcommands/m/ssh_proxycommand new file mode 100644 index 0000000..56a266e --- /dev/null +++ b/src/subcommands/m/ssh_proxycommand @@ -0,0 +1,252 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# monkeysphere-ssh-proxycommand: MonkeySphere ssh ProxyCommand hook +# +# The monkeysphere scripts are written by: +# Jameson Rollins +# Daniel Kahn Gillmor +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# This is meant to be run as an ssh ProxyCommand to initiate a +# monkeysphere known_hosts update before an ssh connection to host is +# established. Can be added to ~/.ssh/config as follows: +# ProxyCommand monkeysphere-ssh-proxycommand %h %p + +######################################################################## +PGRM=$(basename $0) + +SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} +export SYSSHAREDIR +. "${SYSSHAREDIR}/common" || exit 1 + +######################################################################## +# FUNCTIONS +######################################################################## + +usage() { + cat <&2 +usage: ssh -o ProxyCommand="$(basename $0) %h %p" ... +EOF +} + +log() { + echo "$@" >&2 +} + +output_no_valid_key() { + local sshKeyOffered + local userID + local type + local validity + local keyid + local uidfpr + local usage + local sshKeyGPG + local tmpkey + local sshFingerprint + local gpgSigOut + + userID="ssh://${HOSTP}" + + log "-------------------- Monkeysphere warning -------------------" + log "Monkeysphere found OpenPGP keys for this hostname, but none had full validity." + + # retrieve the actual ssh key + sshKeyOffered=$(ssh-keyscan -t rsa -p "$PORT" "$HOST" 2>/dev/null | awk '{ print $2, $3 }') + # FIXME: should we do any checks for failed keyscans, eg. host not + # found? + + # get the gpg info for userid + gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \ + --with-fingerprint --with-fingerprint \ + ="$userID" 2>/dev/null) + + # find all 'pub' and 'sub' lines in the gpg output, which each + # represent a retrieved key for the user ID + echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \ + while IFS=: read -r type validity keyid uidfpr usage ; do + case $type in + 'pub'|'sub') + # get the ssh key of the gpg key + sshKeyGPG=$(gpg2ssh "$keyid") + + # if one of keys found matches the one offered by the + # host, then output info + if [ "$sshKeyGPG" = "$sshKeyOffered" ] ; then + log "An OpenPGP key matching the ssh key offered by the host was found:" + log + + # do some crazy "Here Strings" redirection to get the key to + # ssh-keygen, since it doesn't read from stdin cleanly + sshFingerprint=$(ssh-keygen -l -f /dev/stdin \ + <<<$(echo "$sshKeyGPG") | \ + awk '{ print $2 }') + + # get the sigs for the matching key + gpgSigOut=$(gpg --check-sigs \ + --list-options show-uid-validity \ + "$keyid") + + # output the sigs, but only those on the user ID + # we are looking for + echo "$gpgSigOut" | awk ' +{ +if (match($0,"^pub")) { print; } +if (match($0,"^uid")) { ok=0; } +if (match($0,"^uid.*'$userID'$")) { ok=1; print; } +if (ok) { if (match($0,"^sig")) { print; } } +} +' >&2 + log + + # output the other user IDs for reference + if (echo "$gpgSigOut" | grep "^uid" | grep -v -q "$userID") ; then + log "Other user IDs on this key:" + echo "$gpgSigOut" | grep "^uid" | grep -v "$userID" >&2 + log + fi + + # output ssh fingerprint + log "RSA key fingerprint is ${sshFingerprint}." + + # this whole process is in a "while read" + # subshell. the only way to get information out + # of the subshell is to change the return code. + # therefore we return 1 here to indicate that a + # matching gpg key was found for the ssh key + # offered by the host + return 1 + fi + ;; + esac + done + + # if no key match was made (and the "while read" subshell returned + # 1) output how many keys were found + if (($? != 1)) ; then + log "None of the found keys matched the key offered by the host." + log "Run the following command for more info about the found keys:" + log "gpg --check-sigs --list-options show-uid-validity =${userID}" + # FIXME: should we do anything extra here if the retrieved + # host key is actually in the known_hosts file and the ssh + # connection will succeed? Should the user be warned? + # prompted? + fi + + log "-------------------- ssh continues below --------------------" +} + +######################################################################## + +# export the monkeysphere log level +export MONKEYSPHERE_LOG_LEVEL + +if [ "$1" = '--no-connect' ] ; then + NO_CONNECT='true' + shift 1 +fi + +HOST="$1" +PORT="$2" + +if [ -z "$HOST" ] ; then + log "Host not specified." + usage + exit 255 +fi +if [ -z "$PORT" ] ; then + PORT=22 +fi + +# set the host URI +if [ "$PORT" != '22' ] ; then + HOSTP="${HOST}:${PORT}" +else + HOSTP="${HOST}" +fi +URI="ssh://${HOSTP}" + +# specify keyserver checking. the behavior of this proxy command is +# intentionally different than that of running monkeyesphere normally, +# and keyserver checking is intentionally done under certain +# circumstances. This can be overridden by setting the +# MONKEYSPHERE_CHECK_KEYSERVER environment variable. + +# if the host is in the gpg keyring... +if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then + # do not check the keyserver + CHECK_KEYSERVER="false" + +# if the host is NOT in the keyring... +else + # if the host key is found in the known_hosts file... + # FIXME: this only works for default known_hosts location + hostKey=$(ssh-keygen -F "$HOST" 2>/dev/null) + + if [ "$hostKey" ] ; then + # do not check the keyserver + # FIXME: more nuanced checking should be done here to properly + # take into consideration hosts that join monkeysphere by + # converting an existing and known ssh key + CHECK_KEYSERVER="false" + + # if the host key is not found in the known_hosts file... + else + # check the keyserver + CHECK_KEYSERVER="true" + fi +fi +# set and export the variable for use by monkeysphere +MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"} +export MONKEYSPHERE_CHECK_KEYSERVER + +# update the known_hosts file for the host +monkeysphere update-known_hosts "$HOSTP" + +# output on depending on the return of the update-known_hosts +# subcommand, which is (ultimately) the return code of the +# update_known_hosts function in common +case $? in + 0) + # acceptable host key found so continue to ssh + true + ;; + 1) + # no hosts at all found so also continue (drop through to + # regular ssh host verification) + true + ;; + 2) + # at least one *bad* host key (and no good host keys) was + # found, so output some usefull information + output_no_valid_key + ;; + *) + # anything else drop through + true + ;; +esac + +# FIXME: what about the case where monkeysphere successfully finds a +# valid key for the host and adds it to the known_hosts file, but a +# different non-monkeysphere key for the host already exists in the +# known_hosts, and it is this non-ms key that is offered by the host? +# monkeysphere will succeed, and the ssh connection will succeed, and +# the user will be left with the impression that they are dealing with +# a OpenPGP/PKI host key when in fact they are not. should we use +# ssh-keyscan to compare the keys first? + +# exec a netcat passthrough to host for the ssh connection +if [ -z "$NO_CONNECT" ] ; then + if (which nc 2>/dev/null >/dev/null); then + exec nc "$HOST" "$PORT" + elif (which socat 2>/dev/null >/dev/null); then + exec socat STDIO "TCP:$HOST:$PORT" + else + echo "Neither netcat nor socat found -- could not complete monkeysphere-ssh-proxycommand connection to $HOST:$PORT" >&2 + exit 255 + fi +fi diff --git a/src/subcommands/m/subkey-to-ssh-agent b/src/subcommands/m/subkey-to-ssh-agent deleted file mode 100644 index 9bedb5e..0000000 --- a/src/subcommands/m/subkey-to-ssh-agent +++ /dev/null @@ -1,112 +0,0 @@ -# -*-shell-script-*- -# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) - -# Monkeysphere subkey-to-ssh-agent subcommand -# -# The monkeysphere scripts are written by: -# Jameson Rollins -# Jamie McClelland -# Daniel Kahn Gillmor -# -# They are Copyright 2008-2009, and are all released under the GPL, -# version 3 or later. - -# try to add all authentication subkeys to the agent - -subkey_to_ssh_agent() { - local sshaddresponse - local secretkeys - local authsubkeys - local workingdir - local keysuccess - local subkey - local publine - local kname - - if ! test_gnu_dummy_s2k_extension ; then - failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. -You may want to consider patching or upgrading to GnuTLS 2.6 or later. - -For more details, see: - http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" - fi - - # if there's no agent running, don't bother: - if [ -z "$SSH_AUTH_SOCK" ] || ! which ssh-add >/dev/null ; then - failure "No ssh-agent available." - fi - - # and if it looks like it's running, but we can't actually talk to - # it, bail out: - ssh-add -l >/dev/null - sshaddresponse="$?" - if [ "$sshaddresponse" = "2" ]; then - failure "Could not connect to ssh-agent" - fi - - # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ - grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') - - if [ -z "$secretkeys" ]; then - failure "You have no secret keys in your keyring! -You might want to run 'gpg --gen-key'." - fi - - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ - --fingerprint --fingerprint $secretkeys | \ - cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ - grep '^fpr::' | cut -f3 -d: | sort -u) - - if [ -z "$authsubkeys" ]; then - failure "no authentication-capable subkeys available. -You might want to 'monkeysphere gen-subkey'" - fi - - workingdir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - umask 077 - mkfifo "$workingdir/passphrase" - keysuccess=1 - - # FIXME: we're currently allowing any other options to get passed - # through to ssh-add. should we limit it to known ones? For - # example: -d or -c and/or -t - - for subkey in $authsubkeys; do - # choose a label by which this key will be known in the agent: - # we are labelling the key by User ID instead of by - # fingerprint, but filtering out all / characters to make sure - # the filename is legit. - - primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) - - #kname="[monkeysphere] $primaryuid" - kname="$primaryuid" - - if [ "$1" = '-d' ]; then - # we're removing the subkey: - gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" - (cd "$workingdir" && ssh-add -d "$kname") - else - # we're adding the subkey: - mkfifo "$workingdir/$kname" - gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ - --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ - --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & - (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" +# Jamie McClelland +# Daniel Kahn Gillmor +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# try to add all authentication subkeys to the agent + +subkey_to_ssh_agent() { + local sshaddresponse + local secretkeys + local authsubkeys + local workingdir + local keysuccess + local subkey + local publine + local kname + + if ! test_gnu_dummy_s2k_extension ; then + failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. +You may want to consider patching or upgrading to GnuTLS 2.6 or later. + +For more details, see: + http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" + fi + + # if there's no agent running, don't bother: + if [ -z "$SSH_AUTH_SOCK" ] || ! which ssh-add >/dev/null ; then + failure "No ssh-agent available." + fi + + # and if it looks like it's running, but we can't actually talk to + # it, bail out: + ssh-add -l >/dev/null + sshaddresponse="$?" + if [ "$sshaddresponse" = "2" ]; then + failure "Could not connect to ssh-agent" + fi + + # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): + secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') + + if [ -z "$secretkeys" ]; then + failure "You have no secret keys in your keyring! +You might want to run 'gpg --gen-key'." + fi + + authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint $secretkeys | \ + cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ + grep '^fpr::' | cut -f3 -d: | sort -u) + + if [ -z "$authsubkeys" ]; then + failure "no authentication-capable subkeys available. +You might want to 'monkeysphere gen-subkey'" + fi + + workingdir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + umask 077 + mkfifo "$workingdir/passphrase" + keysuccess=1 + + # FIXME: we're currently allowing any other options to get passed + # through to ssh-add. should we limit it to known ones? For + # example: -d or -c and/or -t + + for subkey in $authsubkeys; do + # choose a label by which this key will be known in the agent: + # we are labelling the key by User ID instead of by + # fingerprint, but filtering out all / characters to make sure + # the filename is legit. + + primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) + + #kname="[monkeysphere] $primaryuid" + kname="$primaryuid" + + if [ "$1" = '-d' ]; then + # we're removing the subkey: + gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" + (cd "$workingdir" && ssh-add -d "$kname") + else + # we're adding the subkey: + mkfifo "$workingdir/$kname" + gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ + --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ + --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & + (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname"