summaryrefslogtreecommitdiff
path: root/man/man1/monkeysphere.1
blob: 2ca8a731e8203538103dc52c3f654474df537be8 (plain)
  1. .TH MONKEYSPHERE "1" "June 2008" "monkeysphere 0.1" "User Commands"
  2. .SH NAME
  3. monkeysphere \- MonkeySphere client user interface
  4. .SH SYNOPSIS
  5. .B monkeysphere \fIsubcommand\fP [\fIargs\fP]
  6. .SH DESCRIPTION
  7. \fBMonkeySphere\fP is a framework to leverage the OpenPGP Web of Trust
  8. for ssh authentication. OpenPGP keys are tracked via GnuPG, and added
  9. to the authorized_keys and known_hosts files used by ssh for
  10. connection authentication.
  11. \fBmonkeysphere\fP is the MonkeySphere client utility.
  12. .SH SUBCOMMANDS
  13. \fBmonkeysphere\fP takes various subcommands:
  14. .TP
  15. .B update-known_hosts [HOST]...
  16. Update the known_hosts file. For each specified host, gpg will be
  17. queried for a key associated with the host URI (see HOST
  18. IDENTIFICATION in monkeysphere(5)), optionally querying a keyserver.
  19. If an acceptable key is found for the host (see KEY ACCEPTABILITY in
  20. monkeysphere(5)), the key is added to the user's known_hosts file. If
  21. a key is found but is unacceptable for the host, any matching keys are
  22. removed from the user's known_hosts file. If no gpg key is found for
  23. the host, nothing is done. If no hosts are specified, all hosts
  24. listed in the known_hosts file will be processed. This subcommand
  25. will exit with a status of 0 if at least one acceptable key was found
  26. for a specified host, 1 if no matching keys were found at all, and 2
  27. if matching keys were found but none were acceptable. `k' may be used
  28. in place of `update-known_hosts'.
  29. .TP
  30. .B update-authorized_keys
  31. Update the authorized_keys file. For each user ID in the user's
  32. authorized_user_ids file, gpg will be queried for keys associated with
  33. that user ID, optionally querying a keyserver. If an acceptable key
  34. is found (see KEY ACCEPTABILITY in monkeysphere(5)), the key is added
  35. to the user's authorized_keys file. If a key is found but is
  36. unacceptable for the user ID, any matching keys are removed from the
  37. user's authorized_keys file. If no gpg key is found for the user ID,
  38. nothing is done. This subcommand will exit with a status of 0 if at
  39. least one acceptable key was found for a user ID, 1 if no matching
  40. keys were found at all, and 2 if matching keys were found but none
  41. were acceptable. `a' may be used in place of
  42. `update-authorized_keys'.
  43. .TP
  44. .B gen-subkey KEYID
  45. Generate an authentication subkey. For the primary key with the
  46. specified key ID, generate a subkey with "authentication" capability
  47. that can be used for monkeysphere transactions. An expiration length
  48. can be specified with the `-e' or `--expire' option (prompt
  49. otherwise). `g' may be used in place of `gen-subkey'.
  50. .TP
  51. .B help
  52. Output a brief usage summary. `h' or `?' may be used in place of
  53. `help'.
  54. .SH ENVIRONMENT
  55. The following environment variables will override those specified in
  56. the monkeysphere.conf configuration file (defaults in parentheses):
  57. .TP
  58. MONKEYSPHERE_GNUPGHOME, GNUPGHOME
  59. GnuPG home directory (~/.gnupg).
  60. .TP
  61. MONKEYSPHERE_KEYSERVER
  62. OpenPGP keyserver to use (subkeys.pgp.net).
  63. .TP
  64. MONKEYSPHERE_CHECK_KEYSERVER
  65. Whether or not to check keyserver when making gpg queries (`true').
  66. .TP
  67. MONKEYSPHERE_KNOWN_HOSTS
  68. Path to ssh known_hosts file (~/.ssh/known_hosts).
  69. .TP
  70. MONKEYSPHERE_HASH_KNOWN_HOSTS
  71. Whether or not to hash to the known_hosts file entries (`true').
  72. .TP
  73. MONKEYSPHERE_AUTHORIZED_KEYS
  74. Path to ssh authorized_keys file (~/.ssh/authorized_keys).
  75. .SH FILES
  76. .TP
  77. ~/.config/monkeysphere/monkeysphere.conf
  78. User monkeysphere config file.
  79. .TP
  80. /etc/monkeysphere/monkeysphere.conf
  81. System-wide monkeysphere config file.
  82. .TP
  83. ~/.config/monkeysphere/authorized_user_ids
  84. OpenPGP user IDs associated with keys that will be checked for
  85. addition to the authorized_keys file.
  86. .SH AUTHOR
  87. Written by Jameson Rollins <jrollins@fifthhorseman.net>, Daniel
  88. Kahn Gillmor <dkg@fifthhorseman.net>
  89. .SH SEE ALSO
  90. .BR monkeysphere-ssh-proxycommand (1),
  91. .BR monkeysphere-server (8),
  92. .BR monkeysphere (5),
  93. .BR ssh (1),
  94. .BR gpg (1)