From cdf4370b1384c3fdc09cc7dd93ab7df06f0f99a2 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 8 Aug 2008 10:01:49 -0400 Subject: made monkeysphere --gen-subkey work better for users without gpg keys. --- website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn | 2 ++ 1 file changed, 2 insertions(+) (limited to 'website') diff --git a/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn b/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn index f50cbf0..d9d0fbe 100644 --- a/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn +++ b/website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn @@ -21,3 +21,5 @@ suggest: fail, and report the different key IDs that they user might want to select (reporting which keys already have authorization subkeys or the authorization capability on the primary key would be useful too) + +[[bugs/done]] completed 2008-08-08 09:40:33-0400 (to be released in 0.8-1) -- cgit v1.2.3 From e1b9c5840f22837b33bab07509258a9c621e9ba6 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 8 Aug 2008 10:02:27 -0400 Subject: reporting new bug about --gen-subkey for agentless users --- ...onkeysphere-gen-subkey-fails-without-agent.mdwn | 123 +++++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn (limited to 'website') diff --git a/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn new file mode 100644 index 0000000..c0b3244 --- /dev/null +++ b/website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn 
@@ -0,0 +1,123 @@ +[[meta title="monkeysphere --gen-subkey seems to fail if no gpg-agent is running"]] + +Consider the following transcript of a user who starts with no OpenPGP +key in the first place: + + 0 wt215@squeak:~$ monkeysphere gen-subkey + You have no secret key available. You should create an OpenPGP + key before joining the monkeysphere. You can do this with: + gpg --gen-key + 255 wt215@squeak:~$ gpg --gen-key + gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc. + This is free software: you are free to change and redistribute it. + There is NO WARRANTY, to the extent permitted by law. + + Please select what kind of key you want: + (1) DSA and Elgamal (default) + (2) DSA (sign only) + (5) RSA (sign only) + Your selection? 5 + RSA keys may be between 1024 and 4096 bits long. + What keysize do you want? (2048) 1024 + Requested keysize is 1024 bits + Please specify how long the key should be valid. + 0 = key does not expire + = key expires in n days + w = key expires in n weeks + m = key expires in n months + y = key expires in n years + Key is valid for? (0) 1 + Key expires at Sat 09 Aug 2008 09:41:34 AM EDT + Is this correct? (y/N) y + + You need a user ID to identify your key; the software constructs the user ID + from the Real Name, Comment and Email Address in this form: + "Heinrich Heine (Der Dichter) " + + Real name: Foo T. Bar + Email address: monkey@example.org + Comment: DO NOT USE! + You selected this USER-ID: + "Foo T. Bar (DO NOT USE!) " + + Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o + You need a Passphrase to protect your secret key. + + We need to generate a lot of random bytes. It is a good idea to perform + some other action (type on the keyboard, move the mouse, utilize the + disks) during the prime generation; this gives the random number + generator a better chance to gain enough entropy. + +++++ + gpg: key A09F70B7 marked as ultimately trusted + public and secret key created and signed. 
+ + gpg: checking the trustdb + gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model + gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u + gpg: next trustdb check due at 2008-08-09 + pub 1024R/A09F70B7 2008-08-08 [expires: 2008-08-09] + Key fingerprint = C3D3 1063 7CA1 5809 9EB9 7A63 F4E4 8D01 A09F 70B7 + uid Foo T. Bar (DO NOT USE!) + + Note that this key cannot be used for encryption. You may want to use + the command "--edit-key" to generate a subkey for this purpose. + 0 wt215@squeak:~$ monkeysphere gen-subkey + Please specify how long the key should be valid. + 0 = key does not expire + = key expires in n days + w = key expires in n weeks + m = key expires in n months + y = key expires in n years + Key is valid for? (0) 2 + ms: generating subkey... + gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc. + This is free software: you are free to change and redistribute it. + There is NO WARRANTY, to the extent permitted by law. + + Secret key is available. + + pub 1024R/A09F70B7 created: 2008-08-08 expires: 2008-08-09 usage: SC + trust: ultimate validity: ultimate + [ultimate] (1). Foo T. Bar (DO NOT USE!) + + Key is protected. + + You need a passphrase to unlock the secret key for + user: "Foo T. Bar (DO NOT USE!) " + 1024-bit RSA key, ID A09F70B7, created 2008-08-08 + + gpg: Invalid passphrase; please try again ... + + You need a passphrase to unlock the secret key for + user: "Foo T. Bar (DO NOT USE!) " + 1024-bit RSA key, ID A09F70B7, created 2008-08-08 + + gpg: Invalid passphrase; please try again ... + + You need a passphrase to unlock the secret key for + user: "Foo T. Bar (DO NOT USE!) " + 1024-bit RSA key, ID A09F70B7, created 2008-08-08 + + gpg: Key generation failed: bad passphrase + + + Invalid command (try "help") + + ms: done. + 0 wt215@squeak:~$ + +This user does not have `use-agent` configured in `~/.gnupg/gpg.conf`. 
+ +This problem can be resolved by the user doing: + + echo use-agent >> ~/.gnupg/gpg.conf + gpg-agent --daemon monkeysphere --gen-subkey + +Then they will be prompted for their passphrase during key creation. + +If we're OK with relying on `gpg-agent`, we should make make that an +explicit dependency, and ensure that an agent is running (or start one +up specifically for the process). + +If we're not OK with relying on the agent, `--gen-subkey` needs +fixing. -- cgit v1.2.3 From 7ee8b7563301c329b3b8850cfbb5c918b9892b7f Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Fri, 8 Aug 2008 10:46:36 -0400 Subject: adding new bug. --- ...phere-should-respect-keyserver-settings-in-gpg.conf | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf (limited to 'website') diff --git a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf new file mode 100644 index 0000000..31468bc --- /dev/null +++ b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.conf @@ -0,0 +1,18 @@ +[[meta title="Monkeysphere should consult keyserver setting in gpg.conf"]] + +Currently, monkeysphere-ssh-proxycommand checks the following places to +determine which keyserver to use (in order of priority): + + * environment variable (MONKEYSPHERE_KEYSERVER) + * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * default value of subkeys.pgp.net + +It would be useful if monkeysphere also consulted ~/.gnupg/gpg.conf, using the +following order instead: + + * environment variable (MONKEYSPHERE_KEYSERVER) + * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * keyserver variable in ~/.gnupg/gpg.conf + * default value of subkeys.pgp.net + +- Sir Jam Jam -- cgit v1.2.3 From 60624b803767e3eaebe14e09e371e0990273c017 Mon Sep 17 00:00:00 2001 
From: Jamie McClelland Date: Fri, 8 Aug 2008 10:49:59 -0400 Subject: renaming my bug to end in mdwn. --- ...phere-should-respect-keyserver-settings-in-gpg.mdwn | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn (limited to 'website') diff --git a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn new file mode 100644 index 0000000..31468bc --- /dev/null +++ b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn @@ -0,0 +1,18 @@ +[[meta title="Monkeysphere should consult keyserver setting in gpg.conf"]] + +Currently, monkeysphere-ssh-proxycommand checks the following places to +determine which keyserver to use (in order of priority): + + * environment variable (MONKEYSPHERE_KEYSERVER) + * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * default value of subkeys.pgp.net + +It would be useful if monkeysphere also consulted ~/.gnupg/gpg.conf, using the +following order instead: + + * environment variable (MONKEYSPHERE_KEYSERVER) + * KEYSERVER variable in ~/.config/monkeysphere/monkeysphere.conf + * keyserver variable in ~/.gnupg/gpg.conf + * default value of subkeys.pgp.net + +- Sir Jam Jam -- cgit v1.2.3 From 71957c6582a865d214db0cf91fb6d98da421ffc0 Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Fri, 8 Aug 2008 10:50:46 -0400 Subject: fixing my sig so it doesn't indent weirdly. --- website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn index 31468bc..3fbf19f 100644 --- a/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn 
+++ b/website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn @@ -15,4 +15,4 @@ following order instead: * keyserver variable in ~/.gnupg/gpg.conf * default value of subkeys.pgp.net -- Sir Jam Jam +-- Sir Jam Jam -- cgit v1.2.3 From be8136a52f372488802ca50ad4038e3dce52dc17 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 12 Aug 2008 16:09:42 -0400 Subject: new bug about missing known_hosts file --- website/bugs/missing-known_hosts-causes-error.mdwn | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 website/bugs/missing-known_hosts-causes-error.mdwn (limited to 'website') diff --git a/website/bugs/missing-known_hosts-causes-error.mdwn b/website/bugs/missing-known_hosts-causes-error.mdwn new file mode 100644 index 0000000..8f4e27c --- /dev/null +++ b/website/bugs/missing-known_hosts-causes-error.mdwn @@ -0,0 +1,8 @@ +[[meta title="Missing `~/.ssh/known_hosts` file causes errors from monkeysphere-ssh-proxycommand"]] + +As a user, if you don't have a `~/.ssh/known_hosts` file, +`monkeysphere-ssh-proxycommand` produces some bogus output, like: + + cat: /home/foo/.ssh/known_hosts: No such file or directory + +this should be fixable with a simple test. -- cgit v1.2.3
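Review bot: the line added at the end of website/bugs/monkeysphere-gen-key-should-guess-KeyID.mdwn (commit cdf4370) marks the bug done without saying which behaviour was implemented. The context just above it suggests failing and reporting the candidate key IDs, optionally noting which keys already carry an authorization subkey or capability; say whether the change slated for 0.8-1 does that or something else. The commit subject also refers to `--gen-subkey` while the bug file is named for gen-key, so name the affected subcommand in the closing line.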
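Review bot: in website/bugs/monkeysphere-gen-subkey-fails-without-agent.mdwn (commit e1b9c58) the transcript ends with "gpg: Key generation failed: bad passphrase", then "ms: done." and a prompt whose leading status is 0, yet the report text never mentions that outcome. The prompt prefix appears to carry the previous exit status (it reads 255 after the first refused call), so the report should state explicitly that the subkey step reports success when gpg failed. That is worth fixing whichever way the gpg-agent question is decided, since a caller checking the return code would believe an authentication subkey exists. Two smaller points in the same file: the transcript runs `monkeysphere gen-subkey` while the title and the workaround use `--gen-subkey`, so pick one form, and "make make" in the second-to-last paragraph is a doubled word.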
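Review bot: the new bug text in commit 7ee8b75 is ambiguous about scope. Its first paragraph describes what `monkeysphere-ssh-proxycommand` checks today, while the proposal says "monkeysphere also consulted ~/.gnupg/gpg.conf"; say whether the new lookup order is meant for the proxycommand only or for every monkeysphere tool that contacts a keyserver. It would also help to state what should happen when gpg.conf has no keyserver line, so that the fall-through to the subkeys.pgp.net default is spelled out rather than implied by the list order.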
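Review bot: commit 60624b8 is titled "renaming my bug to end in mdwn", but its diff only creates website/bugs/monkeysphere-should-respect-keyserver-settings-in-gpg.mdwn (new file mode, 1 file changed, 18 insertions, same blob 31468bc) and does not delete the `...-in-gpg.conf` file added in 7ee8b75. As shown, the tree ends up with two copies of the report, and the signature fix in 71957c6 touches only the .mdwn one. Remove the old path in the same commit (for example with git mv) so the history records a rename and the stale copy does not linger.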
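Review bot: website/bugs/missing-known_hosts-causes-error.mdwn (commit be8136a) shows the `cat: /home/foo/.ssh/known_hosts: No such file or directory` message but does not say what `monkeysphere-ssh-proxycommand` does next. Add whether the host key lookup and the connection still proceed or the command aborts, since that decides whether this is only noisy output or a case where the host check is skipped. The last sentence should start with a capital and name the test it has in mind, such as checking that the file exists before reading it.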