From 21f5859c43fb539b6b4a852bc1d92aa3fbab26a2 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 7 Aug 2008 12:27:53 -0700 Subject: Better key parsing for monkeyspher gen-subkey. Allow seckey2sshagent to output to file. --- src/monkeysphere | 16 +++++-- src/monkeysphere-server | 4 +- src/seckey2sshagent | 114 ++++++++++++++++++++++++++++++------------------ 3 files changed, 86 insertions(+), 48 deletions(-) (limited to 'src') diff --git a/src/monkeysphere b/src/monkeysphere index cd77193..4a611c8 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -32,7 +32,7 @@ umask 077 ######################################################################## usage() { -cat < [options] [args] MonkeySphere client tool. @@ -89,9 +89,17 @@ gen_subkey(){ esac done - keyID="$1" - if [ -z "$keyID" ] ; then - failure "You must specify the key ID of your primary key." + if [ -z "$1" ] ; then + # find all secret keys + keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d:) + # if multiple sec keys exist, fail + if (( $(echo "$keyID" | wc -l) > 1 )) ; then + echo "Multiple secret keys found:" + echo "$keyID" + failure "Please specify which primary key to use." + fi + else + keyID="$1" fi # get key output, and fail if not found diff --git a/src/monkeysphere-server b/src/monkeysphere-server index a0b7067..7fac3ee 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -32,7 +32,7 @@ RETURN=0 ######################################################################## usage() { -cat < [options] [args] MonkeySphere server admin tool. @@ -475,7 +475,7 @@ diagnostics() { if badhostkeys=$(grep '^HostKey' | grep -q -v "^HostKey ${VARLIB}/ssh_host_rsa_key$") ; then echo "! /etc/sshd_config refers to some non-monkeysphere host keys:" echo "$badhostkeys" - echo "- Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config" + echo " - Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config" fi fi fi 
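Review bot: In the new no-argument branch of gen_subkey (src/monkeysphere), the `Multiple secret keys found:` message and the key list go to stdout, and when exactly one `sec` record exists it is used without telling the user which key was picked. The chosen primary key is about to receive a new subkey, so the diagnostics belong on stderr (`echo "$keyID" >&2`) and the selected ID should be printed before continuing, e.g. `echo "Using primary key $keyID" >&2`. The count test also treats an empty result as one key, because `echo "" | wc -l` prints 1. A follow-up commit on this page handles that case, so only the reporting is still open. gen_subkey starts and ends outside the hunk.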
diff --git a/src/seckey2sshagent b/src/seckey2sshagent index 4b765dc..a516256 100755 --- a/src/seckey2sshagent +++ b/src/seckey2sshagent @@ -14,17 +14,17 @@ # Authors: Daniel Kahn Gillmor , # Jameson Rollins - -cleanup() { - echo -n "removing temp gpg home... " 1>&2 - rm -rf "$TMPPRIVATE" - echo "done." 1>&2 -} - explanation() { - echo -n "The basic strategy of seckey2sshagent is to dump your -OpenPGP authentication key(s) into your agent. + cat <&2 + rm -rf "$TMPPRIVATE" + echo "done." 1>&2 +} + +export_sec_key() { + gpg --export-secret-key "$GPGID" | GNUPGHOME="$TMPPRIVATE" gpg --import + GNUPGHOME="$TMPPRIVATE" gpg --edit-key "$GPGID" + + # idea to script the password stuff. not working. + # read -s -p "enter gpg password: " PASSWD; echo + # cmd=$(cat < "$TMPPRIVATE/key" + # passprotect file + ssh-keygen -f "${TMPPRIVATE}/key" -p + # move into place + mv "${TMPPRIVATE}/key" "$FILE" + + # export public key + gpg --export "$GPGID" | openpgp2ssh "$GPGID" > "${FILE}.pub" + + # otherwise add to agent + else + KEYNAME='MonkeySphere Key '$(echo "$GPGID" | tr -c -d '0-9a-fA-F')'' + + # creating this alias so the key is named "monkeysphere-key" in the + # comment stored by the agent, while never being written to disk in + # SSH form: + ln -s /dev/stdin "${TMPPRIVATE}/${KEYNAME}" + + # export secret key to agent + export_sec_key | (cd "$TMPPRIVATE" && ssh-add -c "$KEYNAME") + fi - cleanup done - - -- cgit v1.2.3 From 70bce7624684f8b9c8f569b014b2a36264717aa0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 8 Aug 2008 02:29:20 -0400 Subject: made clearer comments, earlier bailouts for some user ID processing --- src/common | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/common b/src/common index 3966705..b4e786b 100644 --- a/src/common +++ b/src/common 
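Review bot: In the file-output branch of src/seckey2sshagent, the key is written to `${TMPPRIVATE}/key` (apparently still unprotected, since the next step is commented `# passprotect file`), and `ssh-keygen -p` and `mv` then run regardless of each other's exit status. A failed or interrupted `ssh-keygen` would therefore still move the key to `$FILE`. Chaining the steps closes that gap: `ssh-keygen -f "${TMPPRIVATE}/key" -p && mv "${TMPPRIVATE}/key" "$FILE"`, with the `.pub` export run only after that succeeds. Parts of this hunk are missing from the page (the here-document text and the lines around the export), so how `TMPPRIVATE` is created and whether `cleanup` is installed as a trap cannot be confirmed from here.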
@@ -294,7 +294,7 @@ gpg_fetch_userid() { # (see /usr/share/doc/gnupg/DETAILS.gz) # output is one line for every found key, in the following format: # -# flag fingerprint +# flag:fingerprint # # "flag" is an acceptability flag, 0 = ok, 1 = bad # "fingerprint" is the fingerprint of the key @@ -380,6 +380,14 @@ process_user_id() { fi ;; 'uid') # user ids + if [ "$lastKey" != pub ] ; then + log " - got a user ID after a sub key! user IDs should only follow primary keys!" + continue + fi + # don't bother with a uid if there is no valid or reasonable primary key. + if [ "$keyOK" != true ] ; then + continue + fi # if an acceptable user ID was already found, skip if [ "$uidOK" ] ; then continue @@ -401,14 +409,14 @@ process_user_id() { if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log " * acceptable primary key." if [ -z "$sshKey" ] ; then - log " ! primary key could not be translated." + log " ! primary key could not be translated (not RSA or DSA?)." else echo "0:${sshKey}" fi else log " - unacceptable primary key." if [ -z "$sshKey" ] ; then - log " ! primary key could not be translated." + log " ! primary key could not be translated (not RSA or DSA?)." else echo "1:${sshKey}" fi @@ -419,7 +427,17 @@ process_user_id() { lastKey=sub lastKeyOK= fingerprint= + + # don't bother with sub keys if the primary key is not valid + if [ "$keyOK" != true ] ; then + continue + fi + # don't bother with sub keys if no user ID is acceptable: + if [ "$uidOK" != true ] ; then + continue + fi + # if sub key validity is not ok, skip if [ "$validity" != 'u' -a "$validity" != 'f' ] ; then continue 
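Review bot: The new guards in the `'uid')` branch compare against a literal (`[ "$keyOK" != true ]`), while the unchanged test just below them and the output tests use non-emptiness (`[ "$uidOK" ]`, `[ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ]`); the sub-key hunk at -419 adds the same `!= true` form for both `keyOK` and `uidOK`. The assignments are outside the visible hunks, so if either flag is ever set to a value other than `true`, the two forms disagree about whether a key is acceptable. The literal comparison fails closed, so I would keep it and align the older tests, e.g. `if [ "$uidOK" = true ] ; then`. A short comment at the top of process_user_id stating that the flags are either empty or `true` would make the contract explicit. process_user_id begins and ends outside these hunks.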
@@ -442,19 +460,19 @@ process_user_id() { continue fi - # output a line for the primary key + # output a line for the sub key # 0 = ok, 1 = bad if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log " * acceptable sub key." if [ -z "$sshKey" ] ; then - log " ! sub key could not be translated." + log " ! sub key could not be translated (not RSA or DSA?)." else echo "0:${sshKey}" fi else log " - unacceptable sub key." if [ -z "$sshKey" ] ; then - log " ! sub key could not be translated." + log " ! sub key could not be translated (not RSA or DSA?)." else echo "1:${sshKey}" fi -- cgit v1.2.3 From cdf4370b1384c3fdc09cc7dd93ab7df06f0f99a2 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 8 Aug 2008 10:01:49 -0400 Subject: made monkeysphere --gen-subkey work better for users without gpg keys. --- debian/changelog | 1 + src/monkeysphere | 5 +++++ website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn | 2 ++ 3 files changed, 8 insertions(+) (limited to 'src') diff --git a/debian/changelog b/debian/changelog index f7bf5f0..f6b69f8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,7 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * debian/control: switched Vcs-Git to use "centralized" git repo instead of my own. * More monkeysphere-server diagnostics + * monkeysphere --gen-subkey now guesses what KeyID you meant. -- Daniel Kahn Gillmor Thu, 07 Aug 2008 13:31:14 -0400 diff --git a/src/monkeysphere b/src/monkeysphere index 4a611c8..8ddfe7f 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -101,6 +101,11 @@ gen_subkey(){ else keyID="$1" fi + if [ -z "$keyID" ] ; then + failure "You have no secret key available. You should create an OpenPGP +key before joining the monkeysphere. You can do this with: + gpg --gen-key" + fi # get key output, and fail if not found gpgOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons \ 
diff --git a/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn b/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn index f50cbf0..d9d0fbe 100644 --- a/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn +++ b/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn @@ -21,3 +21,5 @@ suggest: fail, and report the different key IDs that they user might want to select (reporting which keys already have authorization subkeys or the authorization capability on the primary key would be useful too) + +[[bugs/done]] completed 2008-08-08 09:40:33-0400 (to be released in 0.8-1) -- cgit v1.2.3 From 0565fa2f4dd1e6b563d00771bf71142c4004aa9d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 11 Aug 2008 18:10:46 -0400 Subject: added monkeysphere-server diagnostics to check for (and advise) AuthorizedKeysFile changes for monkeysphere-enabled authorized_keys --- src/monkeysphere-server | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 7fac3ee..9e025f9 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server 
@@ -468,11 +468,11 @@ diagnostics() { fi # propose changes needed for sshd_config (if any) - if ! grep -q "^HostKey ${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then + if ! grep -q "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$" /etc/ssh/sshd_config; then echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)." echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'" fi - if badhostkeys=$(grep '^HostKey' | grep -q -v "^HostKey ${VARLIB}/ssh_host_rsa_key$") ; then + if badhostkeys=$(grep -i '^HostKey' | grep -q -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then echo "! /etc/sshd_config refers to some non-monkeysphere host keys:" echo "$badhostkeys" echo " - Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config" @@ -489,6 +489,19 @@ diagnostics() { # FIXME: make sure that at least one identity certifier exists + echo "Checking for MonkeySphere-enabled public-key authentication for users ..." + # Ensure that User ID authentication is enabled: + if ! grep -q "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$" /etc/ssh/sshd_config; then + echo "! /etc/ssh/sshd_config does not point to monkeysphere authorized keys." + echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'AuthorizedKeysFile ${VARLIB}/authorized_keys/%u'" + fi + if badauthorizedkeys=$(grep -i '^AuthorizedKeysFile' | grep -q -v "^AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$") ; then + echo "! /etc/sshd_config refers to non-monkeysphere authorized_keys files:" + echo "$badauthorizedkeys" + echo " - Recommendation: remove the above AuthorizedKeysFile lines from /etc/ssh/sshd_config" + fi + + } # retrieve key from web of trust, import it into the host keyring, and -- cgit v1.2.3 From 68a626b30117bb7c40e3e3eedb8139f1085b8ca2 Mon Sep 17 00:00:00 2001 
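Review bot: The rewritten `badhostkeys` test cannot list anything: the first `grep` has no file argument, so it reads standard input instead of `/etc/ssh/sshd_config`, and `-q` on the second `grep` suppresses the output that the command substitution is meant to capture. A leftover non-monkeysphere `HostKey` line is therefore never reported, and the `badauthorizedkeys` test added in the next hunk has the same two problems. Suggested form: `if badhostkeys=$(grep -i '^HostKey' /etc/ssh/sshd_config | grep -v "^HostKey[[:space:]]\+${VARLIB}/ssh_host_rsa_key$") ; then`, and likewise for `AuthorizedKeysFile`. The warning text also names `/etc/sshd_config` where the recommendation line says `/etc/ssh/sshd_config`.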
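Review bot: The AuthorizedKeysFile checks mix matching rules: the positive test and the exclusion pattern are case-sensitive, while the candidate lines are selected with `grep -i`. sshd_config keywords are case-insensitive, so a correctly configured `authorizedkeysfile ${VARLIB}/authorized_keys/%u` line would be reported as missing and, once the listing works, as a non-monkeysphere entry. Indented keywords are skipped by the `^` anchor as well. Matching the keyword consistently and allowing leading blanks, e.g. `grep -qi "^[[:space:]]*AuthorizedKeysFile[[:space:]]\+${VARLIB}/authorized_keys/%u$"`, would align the tests, though `-i` also relaxes the path comparison. The HostKey tests in the previous hunk have the same mismatch.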
From: Daniel Kahn Gillmor Date: Tue, 12 Aug 2008 16:15:37 -0400 Subject: unescape *all* colons, instead of just the first one in encoded user IDs --- src/common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/common b/src/common index b4e786b..ff1a220 100644 --- a/src/common +++ b/src/common @@ -68,7 +68,7 @@ check_capability() { # character # FIXME: undo all escape character translation in with-colons gpg output unescape() { - echo "$1" | sed 's/\\x3a/:/' + echo "$1" | sed 's/\\x3a/:/g' } # remove all lines with specified string from specified file -- cgit v1.2.3
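Review bot: `unescape` still passes the user ID through `echo "$1"`, and user IDs presumably come from keys fetched from outside. A value such as `-n`, or one containing backslash sequences, can therefore be altered or swallowed depending on which shell's `echo` runs. `printf '%s\n' "$1" | sed 's/\\x3a/:/g'` prints the argument literally and keeps the new global replacement. The FIXME above the function already notes that other escapes are not undone; when that is extended, `\x5c` should be decoded last so that a decoded backslash cannot form a new escape. The callers of unescape are outside the hunk.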