From 8714868fe12f15afc02ee84379b544774df35c15 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 31 Jul 2008 20:42:49 -0400
Subject: initial pass at monkeysphere-server diagnostics (lots more to fill
 in!)

---
 src/monkeysphere-server | 100 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 100 insertions(+)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index ce80059..98b60c0 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -45,6 +45,7 @@ subcommands:
     -r|--revoker FINGERPRINT              add a revoker
   show-fingerprint (f)                  show server's host key fingerprint
   publish-key (p)                       publish server's host key to keyserver
+  diagnostics (d)                       report on the server's monkeysphere status
 
   add-identity-certifier (a) KEYID      import and tsign a certification key
     -n|--domain DOMAIN                    limit ID certifications to IDs in DOMAIN ()
@@ -379,6 +380,101 @@ publish_server_key() {
     exit 255
 }
 
+diagnostics() {
+#  * check on the status and validity of the key and public certificates
+    local seckey
+    local keysfound
+    local keyexp
+    local curdate
+    local warnwindow
+    local warndate
+
+    seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode)
+    keysfound=$(echo "$seckey" | grep -c ^sec:)
+    curdate=$(date +%s)
+    # warn when anything is 2 months away from expiration
+    warnwindow='2 months'
+    warndate=$(date +%s -d "$warnwindow")
+
+    if (( "$keysfound" < 1 )); then
+	echo "No host key found!"
+	echo "Recommendation: run 'monkeysphere-server gen-key'"
+    else
+	if (( "$keysfound" > 1 )); then
+	    echo "more than one host key found?"
+	else
+	# check for key expiration:
+	    keyexp=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
+	    if (( "$keyexp"  < "$curdate" )); then
+		echo "Host key is expired!"
+		# FIXME: recommend a way to resolve this other than re-keying?
+	    elif (( "$keyexp" < "$warndate" )); then
+		echo "Host key expires in less than $warnwindow"
+		# FIXME: recommend a way to resolve this?
+	    fi
+        # and weirdnesses:
+	    if (( $(echo "$seckey" | grep ^sec: | cut -f6 -d:) > "$curdate" )); then
+		echo "Host key was created in the future(?!). Is your clock correct?"
+		echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
+	    fi
+
+        # check for UserID expiration:
+	    echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \
+	    while IFS=: read create expire uid ; do
+		# FIXME: should we be doing any checking on the form
+		# of the User ID?  Should we be unmangling it somehow?
+		if [ "$create" ] && (( "$create" > "$curdate" )); then
+		    echo "User ID '$uid' was created in the future(?!).  Is your clock correct?"
+		    echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
+		fi
+		if [ "$expire" ] ; then
+		    if (( "$expire" < "$curdate" )); then
+			echo "User ID '$uid' is expired!"
+			# FIXME: recommend a way to resolve this
+		    elif (( "$expire" < "$warndate" )); then
+			echo "User ID '$uid' expires in less than $warnwindow"
+			# FIXME: recommend a way to resolve this
+		    fi
+		fi
+	    done
+	    
+# FIXME: verify that the host key is properly published to the
+#   keyservers
+
+# FIXME: check that there are valid, non-expired certifying signatures
+#   attached to the host key
+
+# FIXME: propose adding a revoker to the host key if none exist (do we
+#   have a way to do that after key generation?)
+
+# Ensure that the ssh_host_rsa_key file is present and non-empty:
+	    if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then
+		echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!"
+	    else
+		if [ $(stat -c "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
+		    echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !"
+		fi
+
+		# propose changes needed for sshd_config (if any)
+		if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then
+		    echo "/etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)."
+		    echo "Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'"
+		fi
+	    fi
+	fi
+    fi
+
+# FIXME: look at the ownership/privileges of the various keyrings,
+#    directories housing them, etc (what should those values be?  can
+#    we make them as minimal as possible?)
+
+# FIXME: look to see that the ownertrust rules are set properly on the
+#    authentication keyring
+
+# FIXME:  make sure that at least one identity certifier exists
+
+}
+
 # retrieve key from web of trust, import it into the host keyring, and
 # ltsign the key in the host keyring so that it may certify other keys
 add_certifier() {
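Review bot: The sshd_config test near the end of diagnostics() can report a correctly configured server as misconfigured. `grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$"` demands exact case, exactly one space and no leading or trailing whitespace, while sshd_config keywords are case-insensitive and arguments may be separated by any whitespace. A looser match avoids the false alarm: `grep -qiE "^[[:space:]]*HostKey[[:space:]]+${VARLIB}/ssh_host_rsa_key[[:space:]]*$" /etc/ssh/sshd_config`. The check also says nothing about other `HostKey` lines that may still offer a non-monkeysphere key, which an operator reading the report would probably want to know.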
@@ -567,6 +663,10 @@ case $COMMAND in
 	publish_server_key
 	;;
 
+    'diagnostics'|'d')
+	diagnostics
+	;;
+
     'add-identity-certifier'|'add-certifier'|'a')
 	add_certifier "$1"
 	;;
-- 
cgit v1.2.3


From 7c8dbbd047ba2d9f7f9669a28b307195dbe4716a Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 31 Jul 2008 20:54:20 -0400
Subject: limiting output of monkeysphere-server help (usage) to 80 columns

---
 src/monkeysphere-server | 41 ++++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 21 deletions(-)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 98b60c0..d70fe93 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -37,27 +37,26 @@ usage: $PGRM <subcommand> [options] [args]
 MonkeySphere server admin tool.
 
 subcommands:
-  update-users (u) [USER]...            update user authorized_keys files
-
-  gen-key (g) [HOSTNAME]                generate gpg key for the server
-    -l|--length BITS                      key length in bits (2048)
-    -e|--expire EXPIRE                    date to expire
-    -r|--revoker FINGERPRINT              add a revoker
-  show-fingerprint (f)                  show server's host key fingerprint
-  publish-key (p)                       publish server's host key to keyserver
-  diagnostics (d)                       report on the server's monkeysphere status
-
-  add-identity-certifier (a) KEYID      import and tsign a certification key
-    -n|--domain DOMAIN                    limit ID certifications to IDs in DOMAIN ()
-    -t|--trust TRUST                      trust level of certifier (full)
-    -d|--depth DEPTH                      trust depth for certifier (1)
-  remove-identity-certifier (r) KEYID   remove a certification key
-  list-identity-certifiers (l)          list certification keys
-
-  gpg-authentication-cmd CMD            gnupg-authentication command
-
-  help (h,?)                            this help
-
+ update-users (u) [USER]...          update user authorized_keys files
+
+ gen-key (g) [HOSTNAME]              generate gpg key for the server
+   -l|--length BITS                    key length in bits (2048)
+   -e|--expire EXPIRE                  date to expire
+   -r|--revoker FINGERPRINT            add a revoker
+ show-fingerprint (f)                show server's host key fingerprint
+ publish-key (p)                     publish server's host key to keyserver
+ diagnostics (d)                     report on the server's monkeysphere status
+
+ add-identity-certifier (a) KEYID    import and tsign a certification key
+   -n|--domain DOMAIN                  limit ID certifications to IDs in DOMAIN
+   -t|--trust TRUST                    trust level of certifier (full)
+   -d|--depth DEPTH                    trust depth for certifier (1)
+ remove-identity-certifier (r) KEYID remove a certification key
+ list-identity-certifiers (l)        list certification keys
+
+ gpg-authentication-cmd CMD          gnupg-authentication command
+
+ help (h,?)                          this help
 EOF
 }
 
-- 
cgit v1.2.3


From 0b5404f0488d5ea642aec2e92988740af23d820d Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 31 Jul 2008 21:29:25 -0400
Subject: fixed broken invocation of stat

---
 src/monkeysphere-server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index d70fe93..03a4ccb 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -450,7 +450,7 @@ diagnostics() {
 	    if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then
 		echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!"
 	    else
-		if [ $(stat -c "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
+		if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
 		    echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !"
 		fi
 
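Review bot: The permission test still fails open when `stat` prints nothing, for example if the file vanishes or becomes unreadable after the `-s` test. The unquoted substitution then leaves `[ != 600 ]`, which is a test error rather than a mismatch, so no warning is printed. Quoting it turns an empty result into a reported problem: `if [ "$(stat -c '%a' "${VARLIB}/ssh_host_rsa_key")" != 600 ] ; then`. Only the mode bits are examined; the owner of the key file is not checked in the visible lines. diagnostics() begins and ends outside this hunk.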
-- 
cgit v1.2.3


From 60931f1c182c6b163862c2eb34b48e459c51c23a Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 31 Jul 2008 21:44:18 -0400
Subject: be a little more helpful by printing out the actual expiration dates
 when things are expiring.

---
 src/monkeysphere-server | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 03a4ccb..16836b2 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -387,6 +387,9 @@ diagnostics() {
     local curdate
     local warnwindow
     local warndate
+    local create
+    local expire
+    local uid
 
     seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode)
     keysfound=$(echo "$seckey" | grep -c ^sec:)
@@ -408,7 +411,7 @@ diagnostics() {
 		echo "Host key is expired!"
 		# FIXME: recommend a way to resolve this other than re-keying?
 	    elif (( "$keyexp" < "$warndate" )); then
-		echo "Host key expires in less than $warnwindow"
+		echo "Host key expires in less than $warnwindow:" $(date -d "$(( $keyexp - $curdate )) seconds" +%F)		
 		# FIXME: recommend a way to resolve this?
 	    fi
         # and weirdnesses:
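Review bot: The date printed by the added `echo` is computed by adding `$keyexp - $curdate` seconds to the moment `date` runs instead of formatting the expiration timestamp itself. The command substitution also sits outside the quotes, so its output is word-split. `echo "Host key expires in less than $warnwindow: $(date -d "@$keyexp" +%F)"` formats the epoch value directly. The same applies to `$expire` in the User ID hunk that follows. Both added lines end in stray tab characters.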
@@ -431,7 +434,7 @@ diagnostics() {
 			echo "User ID '$uid' is expired!"
 			# FIXME: recommend a way to resolve this
 		    elif (( "$expire" < "$warndate" )); then
-			echo "User ID '$uid' expires in less than $warnwindow"
+			echo "User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)		
 			# FIXME: recommend a way to resolve this
 		    fi
 		fi
-- 
cgit v1.2.3


From 3a1f327ccfa3bb1df72bdc03ea2336956647ec21 Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Thu, 31 Jul 2008 19:01:52 -0700
Subject: Fix inaccurate comment in process_user_id function.

---
 src/common | 2 --
 1 file changed, 2 deletions(-)

(limited to 'src')

diff --git a/src/common b/src/common
index 1e8f23c..e281de4 100644
--- a/src/common
+++ b/src/common
@@ -319,8 +319,6 @@ process_user_id() {
     fi
 
     # loop over all lines in the gpg output and process.
-    # need to do it this way (as opposed to "while read...") so that
-    # variables set in loop will be visible outside of loop
     echo "$gpgOut" | cut -d: -f1,2,5,10,12 | \
     while IFS=: read -r type validity keyid uidfpr usage ; do
 	# process based on record type
-- 
cgit v1.2.3


From 91f299c44f20f913ac5309a67d6cf9162c101810 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu, 31 Jul 2008 22:41:29 -0400
Subject: properly handle host keys with no expiration date, store host key
 fingerprint for later use in diagnostics.

---
 src/monkeysphere-server | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 16836b2..db0fa97 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -383,15 +383,15 @@ diagnostics() {
 #  * check on the status and validity of the key and public certificates
     local seckey
     local keysfound
-    local keyexp
     local curdate
     local warnwindow
     local warndate
     local create
     local expire
     local uid
+    local fingerprint
 
-    seckey=$(gpg_host --list-secret-keys --with-colons --fixed-list-mode)
+    seckey=$(gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode)
     keysfound=$(echo "$seckey" | grep -c ^sec:)
     curdate=$(date +%s)
     # warn when anything is 2 months away from expiration
@@ -405,17 +405,22 @@ diagnostics() {
 	if (( "$keysfound" > 1 )); then
 	    echo "more than one host key found?"
 	else
+	    create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:)
+	    expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
+	    fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:)
 	# check for key expiration:
-	    keyexp=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
-	    if (( "$keyexp"  < "$curdate" )); then
-		echo "Host key is expired!"
+	    if [ "$expire" ]; then
+		if (( "$expire"  < "$curdate" )); then
+		    echo "Host key is expired!"
 		# FIXME: recommend a way to resolve this other than re-keying?
-	    elif (( "$keyexp" < "$warndate" )); then
-		echo "Host key expires in less than $warnwindow:" $(date -d "$(( $keyexp - $curdate )) seconds" +%F)		
+		elif (( "$expire" < "$warndate" )); then
+		    echo "Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)
 		# FIXME: recommend a way to resolve this?
+		fi
 	    fi
+	    
         # and weirdnesses:
-	    if (( $(echo "$seckey" | grep ^sec: | cut -f6 -d:) > "$curdate" )); then
+	    if [ "$create" ] && (( "$create" > "$curdate" )); then
 		echo "Host key was created in the future(?!). Is your clock correct?"
 		echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
 	    fi
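Review bot: `create` and `expire` now carry the host key's timestamps, and the User ID loop further down (`while IFS=: read create expire uid`) reads into the same names. The host-key values survive only because that loop is the last stage of a pipeline and so runs in a subshell under bash's default settings. A comment such as `# the uid loop below reuses create/expire; it runs in a pipeline subshell` or distinct names (`keycreate`, `keyexpire`) would make that dependency explicit. `fingerprint` is assigned but not read in any line visible here. The two FIXME comments inside the new `if [ "$expire" ]` block were left at the old indentation. diagnostics() begins and ends outside this hunk.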
@@ -425,6 +430,7 @@ diagnostics() {
 	    while IFS=: read create expire uid ; do
 		# FIXME: should we be doing any checking on the form
 		# of the User ID?  Should we be unmangling it somehow?
+
 		if [ "$create" ] && (( "$create" > "$curdate" )); then
 		    echo "User ID '$uid' was created in the future(?!).  Is your clock correct?"
 		    echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
@@ -441,10 +447,11 @@ diagnostics() {
 	    done
 	    
 # FIXME: verify that the host key is properly published to the
-#   keyservers
+#   keyservers (do this with the non-privileged user)
 
 # FIXME: check that there are valid, non-expired certifying signatures
-#   attached to the host key
+#   attached to the host key after fetching from the public keyserver
+#   (do this with the non-privileged user as well)
 
 # FIXME: propose adding a revoker to the host key if none exist (do we
 #   have a way to do that after key generation?)
-- 
cgit v1.2.3


From 8ec4e9b0a4a58aece8e5034324971ab40b25fa12 Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Fri, 1 Aug 2008 14:49:02 -0700
Subject: some tweaks to output formatting for diagnostic command.

---
 src/monkeysphere-server | 97 +++++++++++++++++++++++++------------------------
 1 file changed, 49 insertions(+), 48 deletions(-)

(limited to 'src')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index db0fa97..63c3668 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -398,53 +398,54 @@ diagnostics() {
     warnwindow='2 months'
     warndate=$(date +%s -d "$warnwindow")
 
+    echo "Checking host GPG key..."
     if (( "$keysfound" < 1 )); then
-	echo "No host key found!"
-	echo "Recommendation: run 'monkeysphere-server gen-key'"
+	echo "! No host key found."
+	echo " - Recommendation: run 'monkeysphere-server gen-key'"
+    elif (( "$keysfound" > 1 )); then
+	echo "! More than one host key found?"
+	# FIXME: recommend a way to resolve this
     else
-	if (( "$keysfound" > 1 )); then
-	    echo "more than one host key found?"
-	else
-	    create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:)
-	    expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
-	    fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:)
+	create=$(echo "$seckey" | grep ^sec: | cut -f6 -d:)
+	expire=$(echo "$seckey" | grep ^sec: | cut -f7 -d:)
+	fingerprint=$(echo "$seckey" | grep ^fpr: | head -n1 | cut -f10 -d:)
 	# check for key expiration:
-	    if [ "$expire" ]; then
-		if (( "$expire"  < "$curdate" )); then
-		    echo "Host key is expired!"
+	if [ "$expire" ]; then
+	    if (( "$expire"  < "$curdate" )); then
+		echo "! Host key is expired."
 		# FIXME: recommend a way to resolve this other than re-keying?
-		elif (( "$expire" < "$warndate" )); then
-		    echo "Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)
+	    elif (( "$expire" < "$warndate" )); then
+		echo "! Host key expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)
 		# FIXME: recommend a way to resolve this?
-		fi
 	    fi
-	    
+	fi
+
         # and weirdnesses:
-	    if [ "$create" ] && (( "$create" > "$curdate" )); then
-		echo "Host key was created in the future(?!). Is your clock correct?"
-		echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
-	    fi
+	if [ "$create" ] && (( "$create" > "$curdate" )); then
+	    echo "! Host key was created in the future(?!). Is your clock correct?"
+	    echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
+	fi
 
         # check for UserID expiration:
-	    echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \
-	    while IFS=: read create expire uid ; do
-		# FIXME: should we be doing any checking on the form
-		# of the User ID?  Should we be unmangling it somehow?
-
-		if [ "$create" ] && (( "$create" > "$curdate" )); then
-		    echo "User ID '$uid' was created in the future(?!).  Is your clock correct?"
-		    echo "Recommendation: Check clock ($(date +%F_%T)); use NTP?"
-		fi
-		if [ "$expire" ] ; then
-		    if (( "$expire" < "$curdate" )); then
-			echo "User ID '$uid' is expired!"
-			# FIXME: recommend a way to resolve this
-		    elif (( "$expire" < "$warndate" )); then
-			echo "User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)		
+	echo "$seckey" | grep ^uid: | cut -d: -f6,7,10 | \
+	while IFS=: read create expire uid ; do
+	    # FIXME: should we be doing any checking on the form
+	    # of the User ID?  Should we be unmangling it somehow?
+
+	    if [ "$create" ] && (( "$create" > "$curdate" )); then
+		echo "! User ID '$uid' was created in the future(?!).  Is your clock correct?"
+		echo " - Recommendation: Check clock ($(date +%F_%T)); use NTP?"
+	    fi
+	    if [ "$expire" ] ; then
+		if (( "$expire" < "$curdate" )); then
+		    echo "! User ID '$uid' is expired."
 			# FIXME: recommend a way to resolve this
-		    fi
+		elif (( "$expire" < "$warndate" )); then
+		    echo "! User ID '$uid' expires in less than $warnwindow:" $(date -d "$(( $expire - $curdate )) seconds" +%F)		
+		    # FIXME: recommend a way to resolve this
 		fi
-	    done
+	    fi
+	done
 	    
 # FIXME: verify that the host key is properly published to the
 #   keyservers (do this with the non-privileged user)
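Review bot: The re-indented User ID loop still uses plain `read`, so backslashes in the colon listing are consumed before `$uid` is printed. GnuPG escapes some characters in that field C-style (a colon appears as `\x3a`), and this loop would show it as `x3a`. `while IFS=: read -r create expire uid ; do` keeps the field intact and matches the `read -r` already used by process_user_id in src/common. The existing FIXME about unmangling the User ID would then start from the real escaped value. diagnostics() begins above this hunk and continues past it.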
@@ -456,19 +457,19 @@ diagnostics() {
 # FIXME: propose adding a revoker to the host key if none exist (do we
 #   have a way to do that after key generation?)
 
-# Ensure that the ssh_host_rsa_key file is present and non-empty:
-	    if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then
-		echo "The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty!"
-	    else
-		if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
-		    echo "Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600 !"
-		fi
+	# Ensure that the ssh_host_rsa_key file is present and non-empty:
+	echo "Checking host SSH key..."
+	if [ ! -s "${VARLIB}/ssh_host_rsa_key" ] ; then
+	    echo "! The host key as prepared for SSH (${VARLIB}/ssh_host_rsa_key) is missing or empty."
+	else
+	    if [ $(stat -c '%a' "${VARLIB}/ssh_host_rsa_key") != 600 ] ; then
+		echo "! Permissions seem wrong for ${VARLIB}/ssh_host_rsa_key -- should be 0600."
+	    fi
 
-		# propose changes needed for sshd_config (if any)
-		if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then
-		    echo "/etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)."
-		    echo "Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'"
-		fi
+	    # propose changes needed for sshd_config (if any)
+	    if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then
+		echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)."
+		echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'"
 	    fi
 	fi
     fi
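Review bot: Judging by the closing `fi` at four-space indentation on the last line of this hunk, the "Checking host SSH key..." section still sits inside the final `else` of the GPG key test. It is therefore skipped whenever no host key or more than one host key is found. The file presence, mode and sshd_config checks do not depend on the GPG keyring, so moving them after that closing `fi` would let diagnostics report them in every case. If the nesting is intentional, a comment saying `# SSH checks only make sense once a single host key exists` would record why. diagnostics() begins outside this hunk.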
-- 
cgit v1.2.3


From ce1111775aa0e23680932508c2b31e8091ff8beb Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Sat, 2 Aug 2008 16:41:46 -0700
Subject: Fix how file modification check is done, and fix accidental
 extraneous output.

---
 debian/changelog     |  6 +++++-
 doc/george/changelog |  7 +++++--
 src/common           | 14 +++++++++++---
 3 files changed, 21 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/debian/changelog b/debian/changelog
index c81d844..8bfd387 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,12 @@
 monkeysphere (0.7-1) UNRELEASED; urgency=low
 
+  [ Daniel Kahn Gillmor ]
   * Added monkeysphere-server diagnostics subcommand.
 
- -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>  Thu, 31 Jul 2008 19:27:45 -0400
+  [ Jameson Graef Rollins ]
+  * fix how check for file modification is done.
+
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sat, 02 Aug 2008 16:41:20 -0700
 
 monkeysphere (0.6-1) experimental; urgency=low
   
diff --git a/doc/george/changelog b/doc/george/changelog
index 770a265..45834d6 100644
--- a/doc/george/changelog
+++ b/doc/george/changelog
@@ -19,8 +19,11 @@
 	* created ~webmaster/ikiwiki.setup
 	* ikiwiki --setup ikiwiki.setup
 	* linked post-receive to new post-commit hook in monkeysphere.git
-	* changed default keyserver to be pgp.mit.edu (subkeys.pgp.net blows)
-
+	* changed default keyserver to be pgp.mit.edu (subkeys.pgp.net
+	blows)
+	* updated /etc/skel with ssh and monkeysphere stuff
+	* made authorzied_user_ids file for webmaster and ran
+	"monkeysphere-server u webmaster".
 	
 2008-06-23 - dkg
 	* added monkeysphere apt repository to /etc/apt/sources.list
diff --git a/src/common b/src/common
index e281de4..ba7df73 100644
--- a/src/common
+++ b/src/common
@@ -498,6 +498,7 @@ update_known_hosts() {
     local nHosts
     local nHostsOK
     local nHostsBAD
+    local fileCheck
     local host
 
     # the number of hosts specified on command line
@@ -512,6 +513,9 @@ update_known_hosts() {
     # create a lockfile on known_hosts
     lockfile-create "$KNOWN_HOSTS"
 
+    # note pre update file checksum
+    fileCheck=$(md5sum "$KNOWN_HOSTS")
+
     for host ; do
 	# process the host
 	process_host_known_hosts "$host"
@@ -533,7 +537,7 @@ update_known_hosts() {
     lockfile-remove "$KNOWN_HOSTS"
 
     # note if the known_hosts file was updated
-    if [ "$nHostsOK" -gt 0 -o "$nHostsBAD" -gt 0 ] ; then
+    if [ "$(md5sum "$KNOWN_HOSTS")" != "$fileCheck" ] ; then
 	log "known_hosts file updated."
     fi
 
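Review bot: The second `md5sum` runs after `lockfile-remove "$KNOWN_HOSTS"`, so the comparison reads the file once the lock has been released. Another process taking the lock next could change the file in between and make the "updated" message wrong. Computing the post-update checksum before releasing the lock closes that gap; the update_authorized_keys hunk below has the same ordering. MD5 is adequate here only because it is a change detector rather than an integrity check, and a comment such as `# change detection only, not an integrity check` would say so. update_known_hosts starts and ends outside this hunk.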
@@ -634,6 +638,7 @@ update_authorized_keys() {
     local nIDs
     local nIDsOK
     local nIDsBAD
+    local fileCheck
 
     # the number of ids specified on command line
     nIDs="$#"
@@ -647,6 +652,9 @@ update_authorized_keys() {
     # create a lockfile on authorized_keys
     lockfile-create "$AUTHORIZED_KEYS"
 
+    # note pre update file checksum
+    fileCheck=$(md5sum "$AUTHORIZED_KEYS")
+
     for userID ; do
 	# process the user ID, change return code if key not found for
 	# user ID
@@ -670,7 +678,7 @@ update_authorized_keys() {
     lockfile-remove "$AUTHORIZED_KEYS"
 
     # note if the authorized_keys file was updated
-    if [ "$nIDsOK" -gt 0 -o "$nIDsBAD" -gt 0 ] ; then
+    if [ "$(md5sum "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then
 	log "authorized_keys file updated."
     fi
 
@@ -700,7 +708,7 @@ process_authorized_user_ids() {
 
     log "processing authorized_user_ids file..."
 
-    if ! meat "$authorizedUserIDs" ; then
+    if ! meat "$authorizedUserIDs" > /dev/null ; then
 	log "no user IDs to process."
 	return
     fi
-- 
cgit v1.2.3


From 8e1439bc18f8203d71c1237a25c21374ca17c38c Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Sun, 3 Aug 2008 00:10:28 -0700
Subject: rework out user id processing is done to provide better diagnostic
 output.

---
 debian/changelog |  4 +++-
 src/common       | 56 +++++++++++++++++++++++++++++++++++++-------------------
 2 files changed, 40 insertions(+), 20 deletions(-)

(limited to 'src')

diff --git a/debian/changelog b/debian/changelog
index 8bfd387..3e7abb8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,8 +5,10 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low
 
   [ Jameson Graef Rollins ]
   * fix how check for file modification is done.
+  * rework out user id processing is done to provide more verbose log
+    output.
 
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sat, 02 Aug 2008 16:41:20 -0700
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sun, 03 Aug 2008 00:00:06 -0700
 
 monkeysphere (0.6-1) experimental; urgency=low
   
diff --git a/src/common b/src/common
index ba7df73..f5bb3bb 100644
--- a/src/common
+++ b/src/common
@@ -314,7 +314,7 @@ process_user_id() {
 
     # if the gpg query return code is not 0, return 1
     if [ "$?" -ne 0 ] ; then
-        log "  - key not found."
+        log " no primary keys found."
         return 1
     fi
 
@@ -377,10 +377,19 @@ process_user_id() {
 		# output a line for the primary key
 		# 0 = ok, 1 = bad
 		if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
-		    log "  * acceptable key found."
-		    echo "0:${fingerprint}"
+		    log "  * acceptable primary key."
+		    if [ -z "$sshKey" ] ; then
+			log "    ! primary key could not be translated."
+		    else
+			echo "0:${sshKey}"
+		    fi
 		else
-		    echo "1:${fingerprint}"
+		    log "  - unacceptable primary key."
+		    if [ -z "$sshKey" ] ; then
+			log "   ! primary key could not be translated."
+		    else
+			echo "1:${sshKey}"
+		    fi
 		fi
 		;;
 	    'sub') # sub keys
@@ -404,18 +413,29 @@ process_user_id() {
 	    'fpr') # key fingerprint
 		fingerprint="$uidfpr"
 
+		sshKey=$(gpg2ssh "$fingerprint")
+
 		# if the last key was the pub key, skip
 		if [ "$lastKey" = pub ] ; then
 		    continue
 		fi
-		
-		# output a line for the last subkey
+
+		# output a line for the primary key
 		# 0 = ok, 1 = bad
 		if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
-		    log "  * acceptable key found."
-		    echo "0:${fingerprint}"
+		    log "  * acceptable sub key."
+		    if [ -z "$sshKey" ] ; then
+			log "    ! sub key could not be translated."
+		    else
+			echo "0:${sshKey}"
+		    fi
 		else
-		    echo "1:${fingerprint}"
+		    log "  - unacceptable sub key."
+		    if [ -z "$sshKey" ] ; then
+			log "    ! sub key could not be translated."
+		    else
+			echo "1:${sshKey}"
+		    fi
 		fi
 		;;
 	esac
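Review bot: The rewritten comment in the 'fpr' branch, `# output a line for the primary key`, contradicts the code beneath it. That code logs "acceptable sub key" and is skipped when `lastKey` is `pub`, so the comment should read `# output a line for the last subkey` as it did before. The "could not be translated" handling is now repeated four times across the primary and sub key branches with slightly different log indentation (`"   ! primary key ..."` versus `"    ! ..."`). A small helper taking the status digit and a label would keep them consistent. process_user_id starts and ends outside this hunk.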
@@ -429,28 +449,27 @@ process_host_known_hosts() {
     local nKeys
     local nKeysOK
     local ok
-    local keyid
+    local sshKey
     local tmpfile
 
     host="$1"
 
-    log "processing host: $host"
+    log "processing: $host"
 
     userID="ssh://${host}"
 
     nKeys=0
     nKeysOK=0
 
+    IFS=$'\n'
     for line in $(process_user_id "ssh://${host}") ; do
 	# note that key was found
 	nKeys=$((nKeys+1))
 
 	ok=$(echo "$line" | cut -d: -f1)
-	keyid=$(echo "$line" | cut -d: -f2)
+	sshKey=$(echo "$line" | cut -d: -f2)
 
-	sshKey=$(gpg2ssh "$keyid")
         if [ -z "$sshKey" ] ; then
-            log "  ! key could not be translated."
             continue
         fi
 
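Review bot: `IFS=$'\n'` is assigned without `local`, so after process_host_known_hosts returns every later unquoted expansion and `read` in the script splits on newlines only. `local IFS=$'\n'` confines the change to this function. The identical line added to process_uid_authorized_keys in the next hunk needs the same treatment. The function starts and ends outside this hunk.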
@@ -582,25 +601,24 @@ process_uid_authorized_keys() {
     local nKeys
     local nKeysOK
     local ok
-    local keyid
+    local sshKey
 
     userID="$1"
 
-    log "processing user ID: $userID"
+    log "processing: $userID"
 
     nKeys=0
     nKeysOK=0
 
+    IFS=$'\n'
     for line in $(process_user_id "$userID") ; do
 	# note that key was found
 	nKeys=$((nKeys+1))
 
 	ok=$(echo "$line" | cut -d: -f1)
-	keyid=$(echo "$line" | cut -d: -f2)
+	sshKey=$(echo "$line" | cut -d: -f2)
 
-	sshKey=$(gpg2ssh "$keyid")
         if [ -z "$sshKey" ] ; then
-            log "  ! key could not be translated."
             continue
         fi
 
-- 
cgit v1.2.3


From dbbd1bd42f084dfe780f18875c6f36eb6d4f33b1 Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Sun, 3 Aug 2008 00:55:19 -0700
Subject: - Fixed bug in monkeysphere update-authorized_keys subcommand that
 had been preventing disallowed user ids from being properly removed from
 authorized_keys file. - Fixed file md5sum checking.

---
 debian/changelog        |  4 ++-
 man/man1/monkeysphere.1 | 23 +++++++--------
 src/common              | 75 +++++++++++++++++++------------------------------
 3 files changed, 44 insertions(+), 58 deletions(-)

(limited to 'src')

diff --git a/debian/changelog b/debian/changelog
index 3e7abb8..b03e0e4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,8 +7,10 @@ monkeysphere (0.7-1) UNRELEASED; urgency=low
   * fix how check for file modification is done.
   * rework out user id processing is done to provide more verbose log
     output.
+  * fix bug in monkeysphpere update-authorized_keys subcommand where
+    disallowed keys failed to be remove from authorized_keys file.
 
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sun, 03 Aug 2008 00:00:06 -0700
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu>  Sun, 03 Aug 2008 00:55:05 -0700
 
 monkeysphere (0.6-1) experimental; urgency=low
   
diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1
index 1d1c0e5..43e3fd5 100644
--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -37,17 +37,18 @@ if matching keys were found but none were acceptable.  `k' may be used
 in place of `update-known_hosts'.
 .TP
 .B update-authorized_keys
-Update the authorized_keys file.  For each user ID in the user's
-authorized_user_ids file, gpg will be queried for keys associated with
-that user ID, optionally querying a keyserver.  If an acceptable key
-is found (see KEY ACCEPTABILITY in monkeysphere(5)), the key is added
-to the user's authorized_keys file.  If a key is found but is
-unacceptable for the user ID, any matching keys are removed from the
-user's authorized_keys file.  If no gpg key is found for the user ID,
-nothing is done.  This subcommand will exit with a status of 0 if at
-least one acceptable key was found for a user ID, 1 if no matching
-keys were found at all, and 2 if matching keys were found but none
-were acceptable.  `a' may be used in place of
+Update the authorized_keys file.  First all monkeysphere keys are
+cleared from the authorized_keys file.  Then, for each user ID in the
+user's authorized_user_ids file, gpg will be queried for keys
+associated with that user ID, optionally querying a keyserver.  If an
+acceptable key is found (see KEY ACCEPTABILITY in monkeysphere(5)),
+the key is added to the user's authorized_keys file.  If a key is
+found but is unacceptable for the user ID, any matching keys are
+removed from the user's authorized_keys file.  If no gpg key is found
+for the user ID, nothing is done.  This subcommand will exit with a
+status of 0 if at least one acceptable key was found for a user ID, 1
+if no matching keys were found at all, and 2 if matching keys were
+found but none were acceptable.  `a' may be used in place of
 `update-authorized_keys'.
 .TP
 .B gen-subkey KEYID
diff --git a/src/common b/src/common
index f5bb3bb..3966705 100644
--- a/src/common
+++ b/src/common
@@ -83,6 +83,10 @@ remove_line() {
 	return 1
     fi
 
+    if [ ! -e "$file" ] ; then
+	return 1
+    fi
+
     # if the string is in the file...
     if grep -q -F "$string" "$file" 2> /dev/null ; then
 	# remove the line with the string, and return 0
@@ -94,6 +98,24 @@ remove_line() {
     fi
 }
 
+# remove all lines with MonkeySphere strings in file
+remove_monkeysphere_lines() {
+    local file
+
+    file="$1"
+
+    if [ -z "$file" ] ; then
+	return 1
+    fi
+
+    if [ ! -e "$file" ] ; then
+	return 1
+    fi
+
+    egrep -v '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}$' \
+	"$file" | sponge "$file"
+}
+
 # translate ssh-style path variables %h and %u
 translate_ssh_variables() {
     local uname
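Review bot: The pattern in remove_monkeysphere_lines is anchored with `^` and `$`, so it drops only lines consisting of nothing but the `MonkeySphere<timestamp>` marker. If the marker is instead written as a trailing comment on a key line, which is how the process_authorized_keys function deleted later in this commit treated it, no key line matches and disallowed keys stay in authorized_keys. Matching at a field boundary, for instance starting the expression with `(^|[[:space:]])` and dropping the final `$` if text may follow the timestamp, should be checked against the line format the writer emits. Separately, the pipeline has no failure check: if `egrep` cannot read the file, `sponge` still rewrites it from empty input.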
@@ -533,7 +555,7 @@ update_known_hosts() {
     lockfile-create "$KNOWN_HOSTS"
 
     # note pre update file checksum
-    fileCheck=$(md5sum "$KNOWN_HOSTS")
+    fileCheck="$(cat "$KNOWN_HOSTS" | md5sum)"
 
     for host ; do
 	# process the host
@@ -556,7 +578,7 @@ update_known_hosts() {
     lockfile-remove "$KNOWN_HOSTS"
 
     # note if the known_hosts file was updated
-    if [ "$(md5sum "$KNOWN_HOSTS")" != "$fileCheck" ] ; then
+    if [ "$(cat "$KNOWN_HOSTS" | md5sum)" != "$fileCheck" ] ; then
 	log "known_hosts file updated."
     fi
 
@@ -671,7 +693,10 @@ update_authorized_keys() {
     lockfile-create "$AUTHORIZED_KEYS"
 
     # note pre update file checksum
-    fileCheck=$(md5sum "$AUTHORIZED_KEYS")
+    fileCheck="$(cat "$AUTHORIZED_KEYS" | md5sum)"
+
+    # remove any monkeysphere lines from authorized_keys file
+    remove_monkeysphere_lines "$AUTHORIZED_KEYS"
 
     for userID ; do
 	# process the user ID, change return code if key not found for
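Review bot: Clearing the MonkeySphere lines in place before the lookup loop means authorized_keys holds none of those keys until the loop has re-added them. If a later gpg or keyserver query fails, the previously valid entries are simply gone. The return status of `remove_monkeysphere_lines` is not checked either. Building the new content in a temporary file created with `mktemp` in the same directory and moving it over `$AUTHORIZED_KEYS` once the loop finishes would keep the file consistent for sshd throughout. update_authorized_keys starts and ends outside this hunk.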
@@ -696,7 +721,7 @@ update_authorized_keys() {
     lockfile-remove "$AUTHORIZED_KEYS"
 
     # note if the authorized_keys file was updated
-    if [ "$(md5sum "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then
+    if [ "$(cat "$AUTHORIZED_KEYS" | md5sum)" != "$fileCheck" ] ; then
 	log "authorized_keys file updated."
     fi
 
@@ -742,45 +767,3 @@ process_authorized_user_ids() {
 
     update_authorized_keys "${userIDs[@]}"
 }
-
-# EXPERIMENTAL (unused) process userids found in authorized_keys file
-# go through line-by-line, extract monkeysphere userids from comment
-# fields, and process each userid
-# NOT WORKING
-process_authorized_keys() {
-    local authorizedKeys
-    local userID
-    local returnCode
-
-    # default return code is 0, and is set to 1 if a key for a user
-    # is not found
-    returnCode=0
-
-    authorizedKeys="$1"
-
-    # take all the monkeysphere userids from the authorized_keys file
-    # comment field (third field) that starts with "MonkeySphere uid:"
-    # FIXME: needs to handle authorized_keys options (field 0)
-    meat "$authorizedKeys" | \
-    while read -r options keytype key comment ; do
-	# if the comment field is empty, assume the third field was
-	# the comment
-	if [ -z "$comment" ] ; then
-	    comment="$key"
-	fi
-
-	if echo "$comment" | egrep -v -q '^MonkeySphere[[:digit:]]{4}(-[[:digit:]]{2}){2}T[[:digit:]]{2}(:[[:digit:]]{2}){2}' ; then
-	    continue
-	fi
-	userID=$(echo "$comment" | awk "{ print $2 }")
-	if [ -z "$userID" ] ; then
-	    continue
-	fi
-
-	# process the userid
-	log "processing userid: '$userID'"
-	process_user_id "$userID" > /dev/null || returnCode=1
-    done
-
-    return "$returnCode"
-}
-- 
cgit v1.2.3