From 70674cae8b3d69d0e750125387b26c0d5857c5ba Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 12 Aug 2008 18:24:18 -0700 Subject: fix another bug when processing ssh key files that do not exist. --- ...phere-should-respect-keyserver-settings-in-gpg.conf | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf (limited to 'website') diff --git a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf deleted file mode 100644 index 31468bc..0000000 --- a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf +++ /dev/null @@ -1,18 +0,0 @@ -[[meta title="Monkeysphere should consult keyserver setting in gpg.conf"]] - -Currently, monkeysphere-ssh-proxycommand checks the following places to -determine which keyserver to use (in order of priority): - - * environment variable (MONKEYSPHERE_KEYSERVER) - * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf - * default value of subkeys.pgp.net - -It would be useful if monkeysphere also consulted ~/.gnupg/gpg.conf, using the -following order instead: - - * environment variable (MONKEYSPHERE_KEYSERVER) - * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf - * keyserver variable in ~/.gnupg/gpg.conf - * default value of subkeys.pgp.net - -- Sir Jam Jam -- cgit v1.2.3 From 221b6ca36694b3ec437794a925c7b665a065a74e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 13 Aug 2008 11:51:48 -0400 Subject: switched published URL to dkgs git repo to use the git protocol. --- website/download.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/download.mdwn b/website/download.mdwn index f215f80..982f88f 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -32,7 +32,7 @@ The git repo from this web site: [Daniel Kahn Gillmor](http://cmrg.fifthhorseman.net/wiki/dkg): - git clone http://lair.fifthhorseman.net/~dkg/git/monkeysphere.git monkeysphere + git clone git://lair.fifthhorseman.net/~dkg/monkeysphere monkeysphere ## Contact ## -- cgit v1.2.3 From f672b68d7d43e4e8bd57b72a1bf9788dd52e728b Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 13 Aug 2008 15:57:31 -0400 Subject: documenting our trouble with (and possible approaches to) handling passphrase-locked secret keys. --- .../bugs/handle-passphrase-locked-secret-keys.mdwn | 83 ++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 website/bugs/handle-passphrase-locked-secret-keys.mdwn (limited to 'website') diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn new file mode 100644 index 0000000..a61b5ba --- /dev/null +++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn @@ -0,0 +1,83 @@ +[[meta title="MonkeySphere needs to be able to cleanly export passphrase-locked secret keys from the GPG keyring"]] + +At the moment, the only tool we have to export passphrase-locked +secret keys from the GPG keyring is `gpg` itself (and `gpg2`, which +has roughly the same behavior). + +As a result, we have the `seckey2sshagent` hack, which is unfriendly +and awkward to use. + +Ideally, `openpgp2ssh` would be able to convert passphrase-locked +secret keys into clean subkeys. However, i've tried to do this via +GnuTLS, and that library is not ready for this. + +OpenCDK, which is the component of GnuTLS which reads OpenPGP-style +keys, cannot cope with encrypted secret key material. I have had +[some +success](http://lists.gnu.org/archive/html/gnutls-devel/2008-06/msg00092.html) +in getting GnuTLS's OpenCDK to accept the existence of encrypted +secret key packets, [i learned that OpenCDK as included in GnuTLS is +incapable of dealing with the encrypted packets +themselves](http://lists.gnu.org/archive/html/gnutls-devel/2008-07/msg00012.html). + + +Some possible resolutions: + +--------- + +If we can assume that the passphrase-encrypted key we want to use is +actually a subkey, and if we could fix GnuTLS to ignore the use of the +"gnu-dummy S2K" produced by `gpg --export-secret-subkeys` for the +primary key, then something like the following script should actually +work for reasonable values of `$KEYID`: + + TMPDIR=$(mktemp -d) + uname 077 + mkfifo "$TMPDIR/passphrase" + kname="MonkeySphere Key $KEYID" + mkfifo "$TMPDIR/$kname" + ssh-agent "Please enter the passphrase for MonkeySphere key $KEYID" >"$TMPDIR/passphrase" & + gpg --passphrase-fd 3 3<"$TMPDIR/passphrase" --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes --export-secret-subkeys "$KEYID"\! | openpgp2ssh "$KEYID" > "$TMPDIR/$kname" + (cd "$TMPDIR" && ssh-add -c "$kname") + rm -rf "$TMPDIR" + +--------- + +Ben Laurie and Rachel Willmer's +[OpenPGPSDK](http://openpgp.nominet.org.uk) is a candidate: this is a +C-based library that intends to implement RFC 4880 functionality. + +We could potentially re-write `openpgp2ssh` using this library, and it +*should* be able to handle everything we need from the OpenPGP side +(though it might need to be re-linked to OpenSSL to handle PEM-encoded +exports. + +Concerns: + +* OpenPGPSDK is not in debian yet, and doesn't currently (2008-08-13) + build with gcc 4.2 or 4.3. + +* OpenPGPSDK uses the apache license and appears to link to OpenSSL, + which has a GPL-incompatible license. I think this would mean that + `openpgp2ssh` could not remain GPL (though the rest of the + monkeysphere could). + +--------- + +We could try to use perl. The last time i checked, the pure-perl +OpenPGP implementations all depended on Math::PARI, which [is not in +debian](http://bugs.debian.org/440527). The most likely candidate is +[Crypt::OpenPGP](http://search.cpan.org/~btrott/Crypt-OpenPGP), +despite [some +bugginess](http://cpanratings.perl.org/dist/Crypt-OpenPGP). + +Concerns: + +* the aforementioned buggy reviews + +* there's a lot of dependency chasing to get anything like this + available in debian. + +--------- + +Other alternatives? -- cgit v1.2.3 From dfb394d65acbb060bc6350b7829024fd641aa73d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 13 Aug 2008 16:20:32 -0400 Subject: suggesting reorganization of monkeysphere-server shortcuts. --- .../reorganize-monkeysphere-server-shortcuts.mdwn | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn (limited to 'website') diff --git a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn new file mode 100644 index 0000000..5a4b946 --- /dev/null +++ b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn @@ -0,0 +1,19 @@ +[[meta title="Reorganize monkeysphere-server shortcuts"]] + +Currently, `monkeysphere-server` supports three subcommands to adjust +the "identity certifiers": + +* `add-identity-certifier` (`a`) +* `remove-identity-certifier` (`r`) +* `list-identity-certifier` (`l`) + +Since [we also want to be able to add/remove multiple +hostnames](multiple-hostnames), i think we should change the shortcuts +from `a`, `r`, and `l` to `c+`, `c-`, and `c`. + +This would let us create new subcommands like: + +* `add-host-name` (`n+`) +* `revoke-host-name` (`n-`) +* `list-host-names` (`n`) + -- cgit v1.2.3 From 48bdbc58cfe649c404240b629d9cef5134da5937 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 13 Aug 2008 16:51:39 -0400 Subject: suggesting that we start encouraging host key publication. --- website/bugs/allow-publishing-to-public-keyservers.mdwn | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 website/bugs/allow-publishing-to-public-keyservers.mdwn (limited to 'website') diff --git a/website/bugs/allow-publishing-to-public-keyservers.mdwn b/website/bugs/allow-publishing-to-public-keyservers.mdwn new file mode 100644 index 0000000..c6c8057 --- /dev/null +++ b/website/bugs/allow-publishing-to-public-keyservers.mdwn @@ -0,0 +1,16 @@ +[[meta title="monkeysphere-server publish-key does not work"]] + +Currently, if you try to run `monkeysphere-server publish-key`, you +can get the following output: + + Really publish key to subkeys.pgp.net? (y/N) y + NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development). + The following command should publish the key: + monkeysphere-server gpg-authentication-cmd '--keyserver subkeys.pgp.net --send-keys foo.example.org' + +I think we've demonstrated that this system works enough to warrant +using the public keyserver infrastructure. + +I suggest that we should actually enable this feature explicitly. +(leaving in the prompt is fine, though it would be nice to be able to +`--force` it or something). -- cgit v1.2.3 From f11ad8ca1d864d40bdf9ede74bc00d586b0a339c Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Wed, 13 Aug 2008 15:35:06 -0700 Subject: close "missing-known_hosts-causes-error" --- website/bugs/missing-known_hosts-causes-error.mdwn | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'website') diff --git a/website/bugs/missing-known_hosts-causes-error.mdwn b/website/bugs/missing-known_hosts-causes-error.mdwn index 8f4e27c..4a5cf99 100644 --- a/website/bugs/missing-known_hosts-causes-error.mdwn +++ b/website/bugs/missing-known_hosts-causes-error.mdwn @@ -6,3 +6,9 @@ As a user, if you don't have a `~/.ssh/known_hosts` file, cat: /home/foo/.ssh/known_hosts: No such file or directory this should be fixable with a simple test. + +------ + +Fixed in 70674cae8b3d69d0e750125387b26c0d5857c5ba. + +[[bugs/done]] 2008-08-12 -- cgit v1.2.3 From 56d6185075f3416b60d5cd3dcebd8cae28ec4295 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 13 Aug 2008 23:01:03 -0400 Subject: added note about GnuTLS patch for "gnu-dummy" S2K extension --- website/bugs/handle-passphrase-locked-secret-keys.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'website') diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn index a61b5ba..b66e4c7 100644 --- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn +++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn @@ -41,6 +41,13 @@ work for reasonable values of `$KEYID`: (cd "$TMPDIR" && ssh-add -c "$kname") rm -rf "$TMPDIR" +Good news! [I've crafted a patch for GnuTLS to enable it to read +exported subkeys using this GNU +extension](http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html), +so if we can get it incorporated into upstream (and/or into debian), +we have a possible solution, as long as the authentication key is a +subkey, and not a primary key. + --------- Ben Laurie and Rachel Willmer's -- cgit v1.2.3 From d3c6dd0928ec9c7a3fd1f155c4b4b1bd1b3e6b41 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 14 Aug 2008 09:58:38 -0700 Subject: commiting some bug comments. --- website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn | 8 ++++++++ website/bugs/multiple-hostnames.mdwn | 9 +++++++++ website/bugs/setup-test-server-for-public.mdwn | 7 +++++++ 3 files changed, 24 insertions(+) (limited to 'website') diff --git a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn index c0b3244..28556e3 100644 --- a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn +++ b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn @@ -121,3 +121,11 @@ up specifically for the process). If we're not OK with relying on the agent, `--gen-subkey` needs fixing. + +--- + +I think requiring the agent and using it for getting the passphrase is +fine. That should make this bug fairly easy to fix, so I'll get on +it. + +-- BJ (jgr) diff --git a/website/bugs/multiple-hostnames.mdwn b/website/bugs/multiple-hostnames.mdwn index ab5e4e2..5668aae 100644 --- a/website/bugs/multiple-hostnames.mdwn +++ b/website/bugs/multiple-hostnames.mdwn @@ -13,3 +13,12 @@ ones). For example: `george.riseup.net` is now also known as `monkeysphere.info`. It'd be nice to have a convenient way to add that hostname to the key without mucking around with gpg directly. + +--- + +So how do we imagine the behavior here? I assume that basically it +would just add/remove user ID's to/from the host key locally. I guess +we will continue to rely on the "publish-key" subcommand to actually +publish all changes to the keys. + +-- BJ (jgr) diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index 2cafafc..2ec2a24 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -44,3 +44,10 @@ write a simple note like: before you connect to the host. Here's how... --dkg + +--- + +So do we agree that george is doing what we want, and we can therefore +close this bug? + +-- BJ (jgr) -- cgit v1.2.3 From 7d5d1b04f621325a986d3345718c12e9ec753391 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 14 Aug 2008 13:29:58 -0400 Subject: more comments on bugs. --- .../monkeysphere-gen-subkey-fails-without-agent.mdwn | 6 ++++++ website/bugs/multiple-hostnames.mdwn | 13 +++++++++++++ website/bugs/setup-test-server-for-public.mdwn | 16 ++++++++++++++++ 3 files changed, 35 insertions(+) (limited to 'website') diff --git a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn index 28556e3..7e735d2 100644 --- a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn +++ b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn @@ -129,3 +129,9 @@ fine. That should make this bug fairly easy to fix, so I'll get on it. -- BJ (jgr) + +--- + +Alternately, we could use `--passwd-fd` and `ssh-agent`, along the +lines i proposed [for handling passphrase-locked secret +keys](handle-passphrase-locked-secret-keys). diff --git a/website/bugs/multiple-hostnames.mdwn b/website/bugs/multiple-hostnames.mdwn index 5668aae..7597af5 100644 --- a/website/bugs/multiple-hostnames.mdwn +++ b/website/bugs/multiple-hostnames.mdwn @@ -22,3 +22,16 @@ we will continue to rely on the "publish-key" subcommand to actually publish all changes to the keys. -- BJ (jgr) + +--- + +I think [when we reorganize the `monkeysphere-server` +shortcuts](reorganize-monkeysphere-server-shortcuts) it'll make it +clearer what the right interface should be. + +As for what should actually happen, i think that the server should +actively revoke old User IDs, rather than removing them. It should +probably prompt the administrator to re-publish the host key as well, +to ensure that the new User IDs are published. + + --dkg diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index 2ec2a24..aa6da61 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -51,3 +51,19 @@ So do we agree that george is doing what we want, and we can therefore close this bug? -- BJ (jgr) + +--- + +I'm fine with closing this bug, unless we want to set up the limited +shell access/welcome letter like i described above. If we want to do +that, it'd be worth keeping it open until those scripts are written. + +I envision a script you'd invoke like: + + root@george# addmsuser foo 'Foo T. Bar ' + +Which would create the `foo` account, populate +`~foo/.config/monkeysphere/authorized_user_ids`, make a note in a log +someplace, and send a welcome letter. + +--dkg -- cgit v1.2.3 From 29bd1c086f55f6a0bec2a2a55bf0cdd7d1f14a97 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 14 Aug 2008 16:41:17 -0400 Subject: added note about post to openssh-unix-dev w.r.t. an ssh client config parser --- website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'website') diff --git a/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn b/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn index 0f6654c..2dac579 100644 --- a/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn +++ b/website/bugs/monkeysphere-ignores-HashKnownHosts-directive.mdwn @@ -22,3 +22,12 @@ any ssh or sshd config file. This will probably need to be delt with down the line, but it's not a particular easy task at the moment. -- Big Jimmy. + +--- + +I've [posted to the `openssh-unix-dev` list to see if there is a +possibility of openssh making our lives easier +here](http://marc.info/?l=openssh-unix-dev&m=121804767122918&w=2), but +i haven't had much of a response yet. + +--dkg -- cgit v1.2.3 From 6d4dbe49e803c76d1c8ac3550aff6c246a251371 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 14 Aug 2008 21:05:26 -0700 Subject: commit bug comment --- website/bugs/setup-test-server-for-public.mdwn | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'website') diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index aa6da61..c926dc6 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -67,3 +67,11 @@ Which would create the `foo` account, populate someplace, and send a welcome letter. --dkg + +--- + +That idea really seems like a lot more trouble than it's worth to me, +and I'm not really willing to maintain it myself, but if someone else +wants to handle that, that would be fine with me. + +-- jgr -- cgit v1.2.3 From 0181b6fc50824941e4f7ac3f535a216b8189568e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 14 Aug 2008 22:34:17 -0700 Subject: reorganize shortcuts for monkeysphere-server --- man/man8/monkeysphere-server.8 | 6 +++--- src/monkeysphere-server | 20 ++++++++++---------- .../reorganize-monkeysphere-server-shortcuts.mdwn | 3 +++ 3 files changed, 16 insertions(+), 13 deletions(-) (limited to 'website') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 527cae7..74e9a10 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -68,15 +68,15 @@ domain (e.g. "trust KEYID to certify user identities within the @example.org domain"). A certifier trust level can be specified with the `-t' or `--trust' option (possible values are `marginal' and `full' (default is `full')). A certifier trust depth can be specified -with the `-d' or `--depth' option (default is 1). `a' may be used in +with the `-d' or `--depth' option (default is 1). `c+' may be used in place of `add-identity-certifier'. .TP .B remove-identity-certifier KEYID Instruct system to ignore user identity certifications made by KEYID. -`r' may be used in place of `remove-identity-certifier'. +`c-' may be used in place of `remove-identity-certifier'. .TP .B list-identity-certifiers -List key IDs trusted by the system to certify user identities. `l' +List key IDs trusted by the system to certify user identities. `c' may be used in place of `list-identity-certifiers'. .TP .B gpg-authentication-cmd diff --git a/src/monkeysphere-server b/src/monkeysphere-server index d9b8676..21973dd 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -43,16 +43,16 @@ subcommands: -l|--length BITS key length in bits (2048) -e|--expire EXPIRE date to expire -r|--revoker FINGERPRINT add a revoker - show-fingerprint (f) show server's host key fingerprint - publish-key (p) publish server's host key to keyserver - diagnostics (d) report on the server's monkeysphere status + show-fingerprint (f) show server host key fingerprint + publish-key (p) publish server host key to keyserver + diagnostics (d) report on server monkeysphere status - add-identity-certifier (a) KEYID import and tsign a certification key - -n|--domain DOMAIN limit ID certifications to IDs in DOMAIN + add-id-certifier (c+) KEYID import and tsign a certification key + -n|--domain DOMAIN limit ID certifications to DOMAIN -t|--trust TRUST trust level of certifier (full) -d|--depth DEPTH trust depth for certifier (1) - remove-identity-certifier (r) KEYID remove a certification key - list-identity-certifiers (l) list certification keys + remove-id-certifier (c-) KEYID remove a certification key + list-id-certifiers (c) list certification keys gpg-authentication-cmd CMD gnupg-authentication command @@ -696,15 +696,15 @@ case $COMMAND in diagnostics ;; - 'add-identity-certifier'|'add-certifier'|'a') + 'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+') add_certifier "$1" ;; - 'remove-identity-certifier'|'remove-certifier'|'r') + 'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-') remove_certifier "$1" ;; - 'list-identity-certifiers'|'list-certifiers'|'list-certifier'|'l') + 'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c') list_certifiers "$@" ;; diff --git a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn index 5a4b946..104bda7 100644 --- a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn +++ b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn @@ -17,3 +17,6 @@ This would let us create new subcommands like: * `revoke-host-name` (`n-`) * `list-host-names` (`n`) +--- + +[[bugs/done]] 2008-08-14 -- cgit v1.2.3 From 6649b331ec60ae138c3c893d65e3465a57939c97 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 15 Aug 2008 00:52:25 -0700 Subject: update bugs --- website/bugs/allow-publishing-to-public-keyservers.mdwn | 4 ++++ website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'website') diff --git a/website/bugs/allow-publishing-to-public-keyservers.mdwn b/website/bugs/allow-publishing-to-public-keyservers.mdwn index c6c8057..1548775 100644 --- a/website/bugs/allow-publishing-to-public-keyservers.mdwn +++ b/website/bugs/allow-publishing-to-public-keyservers.mdwn @@ -14,3 +14,7 @@ using the public keyserver infrastructure. I suggest that we should actually enable this feature explicitly. (leaving in the prompt is fine, though it would be nice to be able to `--force` it or something). + +--- + +[[bugs/done]] 2008-08-15 in 6fb350a883fa4d8b1bc9b5e01cc3b01c96354d08 diff --git a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn index 104bda7..ad66dd5 100644 --- a/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn +++ b/website/bugs/reorganize-monkeysphere-server-shortcuts.mdwn @@ -19,4 +19,4 @@ This would let us create new subcommands like: --- -[[bugs/done]] 2008-08-14 +[[bugs/done]] 2008-08-14 in 0181b6fc50824941e4f7ac3f535a216b8189568e -- cgit v1.2.3 From 9ce83dcd98305f63c3e3df9bd9ba82291800c43e Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Fri, 15 Aug 2008 10:16:36 -0400 Subject: fix link in dkg's comment. --- website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn index 7e735d2..51cf57e 100644 --- a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn +++ b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn @@ -134,4 +134,4 @@ it. Alternately, we could use `--passwd-fd` and `ssh-agent`, along the lines i proposed [for handling passphrase-locked secret -keys](handle-passphrase-locked-secret-keys). +keys](/bugs/handle-passphrase-locked-secret-keys). -- cgit v1.2.3