3 # monkeysphere: Monkeysphere client tool
5 # The monkeysphere scripts are written by:
6 # Jameson Rollins <jrollins@fifthhorseman.net>
7 # Jamie McClelland <jm@mayfirst.org>
8 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
9 # Micah Anderson <micah@riseup.net>
11 # They are Copyright 2008-2009, and are all released under the GPL, version 3
14 ########################################################################
# Locate the shared Monkeysphere shell library. A MONKEYSPHERE_SYSSHAREDIR
# value in the environment replaces the default install path.
# NOTE(review): the directory chosen here supplies shell code that is sourced
# on the next line and, through MSHAREDIR, by the subcommand dispatch. The
# variable therefore has to be trusted wherever this tool is run on behalf of
# another user (for example from a wrapper that preserves the caller's
# environment).
17 SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
# Source the shared `common` file; exit with status 1 if that fails.
19 . "${SYSSHAREDIR}/common" || exit 1
21 # sharedir for host functions
# The subcommand implementations sourced later (import_subkey, gen_subkey,
# ssh_proxycommand, subkey_to_ssh_agent) are read from this directory.
22 MSHAREDIR="${SYSSHAREDIR}/m"
24 # UTC date in ISO 8601 format if needed
# %FT%T expands to YYYY-MM-DDTHH:MM:SS; -u selects UTC, but the format string
# appends no zone designator, so consumers must know the value is UTC.
25 DATE=$(date -u '+%FT%T')
27 # unset some environment variables that could screw things up
33 # set the file creation mask to be only owner rw
36 ########################################################################
38 ########################################################################
42 usage: $PGRM <subcommand> [options] [args]
43 Monkeysphere client tool.
46 update-known_hosts (k) [HOST]... update known_hosts file
47 update-authorized_keys (a) update authorized_keys file
48 import-subkey (i) import existing ssh key as gpg subkey
49 --keyfile (-f) FILE key file to import
50 --expire (-e) EXPIRE date to expire
51 gen-subkey (g) [KEYID] generate an authentication subkey
52 --length (-l) BITS key length in bits (2048)
53 --expire (-e) EXPIRE date to expire
54 ssh-proxycommand monkeysphere ssh ProxyCommand
55 subkey-to-ssh-agent (s) store authentication subkey in ssh-agent
56 version (v) show version number
62 ########################################################################
64 ########################################################################
66 # set unset default variables
# Built-in defaults, applied before any configuration file is read.
# A non-empty GNUPGHOME inherited from the environment is kept; otherwise
# fall back to the conventional per-user GnuPG directory.
67 GNUPGHOME=${GNUPGHOME:="${HOME}/.gnupg"}
68 KNOWN_HOSTS="${HOME}/.ssh/known_hosts"
# NOTE(review): presumably controls whether host names written to KNOWN_HOSTS
# are hashed; the consumer of this flag is not in the visible lines — confirm.
69 HASH_KNOWN_HOSTS="true"
70 AUTHORIZED_KEYS="${HOME}/.ssh/authorized_keys"
72 # unset the check keyserver variable, since that needs to have
73 # different defaults for the different functions
# Source the system-wide configuration when it is readable. The file is
# executed as shell code rather than parsed as data, so it needs the same
# write protection as the script itself.
# NOTE(review): SYSCONFIGDIR is not assigned in the visible lines; presumably
# it comes from the sourced `common` file — confirm.
77 [ -r "${SYSCONFIGDIR}/monkeysphere.conf" ] \
78 && . "${SYSCONFIGDIR}/monkeysphere.conf"
80 # set monkeysphere home directory
# A non-empty MONKEYSPHERE_HOME from the environment or the system config is
# kept; otherwise default to ~/.monkeysphere.
81 MONKEYSPHERE_HOME=${MONKEYSPHERE_HOME:="${HOME}/.monkeysphere"}
# -m 0700 only takes effect when mkdir creates the directory. With -p an
# already existing directory is accepted as-is and keeps its current mode, so
# a pre-existing, more permissive directory is not tightened by this line.
82 mkdir -p -m 0700 "$MONKEYSPHERE_HOME"
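# Load the per-user configuration if it exists.
# ${MONKEYSPHERE_CONFIG:=...} keeps a non-empty path supplied by the
# environment (or an earlier config file) and otherwise assigns the default
# under MONKEYSPHERE_HOME, so the next line can source the same path.
# The expansion is double-quoted so that a path containing whitespace or glob
# characters reaches `[ -e ... ]` as a single word; unquoted, such a path made
# the test fail and the user configuration was silently skipped.
# The file is sourced, i.e. run as shell code with the invoking user's
# privileges, so the path and the file must be writable only by that user.
85 [ -e "${MONKEYSPHERE_CONFIG:=${MONKEYSPHERE_HOME}/monkeysphere.conf}" ] \
86 && . "$MONKEYSPHERE_CONFIG"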
88 # set empty config variables with ones from the environment
# Precedence for each setting: a non-empty MONKEYSPHERE_* environment variable
# wins; otherwise the value left by the defaults and the config files is used.
# The := form also writes the chosen value back into the MONKEYSPHERE_* name.
89 GNUPGHOME=${MONKEYSPHERE_GNUPGHOME:=$GNUPGHOME}
90 LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=$LOG_LEVEL}
91 KEYSERVER=${MONKEYSPHERE_KEYSERVER:=$KEYSERVER}
92 # if keyserver not specified in env or conf, then look in gpg.conf
93 if [ -z "$KEYSERVER" ] ; then
94 if [ -f "${GNUPGHOME}/gpg.conf" ] ; then
# Take the second field of the last gpg.conf line that begins (after optional
# whitespace) with the word "keyserver" followed by a literal space. The
# trailing space in the pattern excludes other option names that merely start
# with "keyserver"; an entry separated by a tab would not match either.
# Commented-out entries are skipped because the pattern is anchored at the
# start of the line.
95 KEYSERVER=$(grep -e "^[[:space:]]*keyserver " "${GNUPGHOME}/gpg.conf" | tail -1 | awk '{ print $2 }')
98 PROMPT=${MONKEYSPHERE_PROMPT:=$PROMPT}
# NOTE(review): KNOWN_HOSTS and AUTHORIZED_KEYS name the files the update
# subcommands are presumably going to rewrite. Both can be redirected through
# the environment, so a caller that runs this tool for another user should set
# or clear these variables explicitly — confirm against the update functions.
99 KNOWN_HOSTS=${MONKEYSPHERE_KNOWN_HOSTS:=$KNOWN_HOSTS}
100 HASH_KNOWN_HOSTS=${MONKEYSPHERE_HASH_KNOWN_HOSTS:=$HASH_KNOWN_HOSTS}
101 AUTHORIZED_KEYS=${MONKEYSPHERE_AUTHORIZED_KEYS:=$AUTHORIZED_KEYS}
103 # other variables not in config file
# These three take the environment value if non-empty, else the literal
# default given here; no config-file variable is consulted for them.
104 AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:="${MONKEYSPHERE_HOME}/authorized_user_ids"}
# NOTE(review): "a" is presumably the OpenPGP authentication usage flag that a
# key must carry to be accepted — confirm in the key-processing functions.
105 REQUIRED_HOST_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_HOST_KEY_CAPABILITY:="a"}
106 REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
108 # export GNUPGHOME and make sure gpg home exists with proper
# -m 0700 is applied only if mkdir has to create the directory; an existing
# GNUPGHOME keeps whatever mode it already has, so this line does not repair
# a GnuPG home that is readable by other users.
111 mkdir -p -m 0700 "$GNUPGHOME"
# Subcommand dispatch. COMMAND is assigned outside the visible lines; refuse to
# continue when no subcommand was given. `failure` is not defined in the
# visible lines (presumably provided by the sourced `common` file).
116 [ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
# Each arm accepts the underscore spelling, the hyphen spelling and the
# one-letter alias of the subcommand.
120 'update-known_hosts'|'update-known-hosts'|'k')
121 # whether or not to check keyservers
# Precedence: MONKEYSPHERE_CHECK_KEYSERVER from the environment, then
# CHECK_KEYSERVER from a config file, then "true".
122 CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}}
124 # if hosts are specified on the command line, process just
# "$@" is quoted, so every host argument is passed through as its own word.
127 update_known_hosts "$@"
130 # otherwise, if no hosts are specified, process every host
131 # in the user's known_hosts file
138 'update-authorized_keys'|'update-authorized-keys'|'a')
139 # whether or not to check keyservers
# Same precedence as in the known_hosts arm: environment, config file, "true".
140 CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}}
142 # process authorized_user_ids file
143 process_authorized_user_ids "$AUTHORIZED_USER_IDS"
# The remaining subcommands load their implementation on demand from MSHAREDIR,
# which is derived from SYSSHAREDIR; the sourced files run as shell code with
# the invoking user's privileges.
148 source "${MSHAREDIR}/import_subkey"
153 source "${MSHAREDIR}/gen_subkey"
# The short alias 'p' is accepted here although the usage text lists
# ssh-proxycommand without an alias.
157 'ssh-proxycommand'|'p')
158 source "${MSHAREDIR}/ssh_proxycommand"
159 ssh_proxycommand "$@"
162 'subkey-to-ssh-agent'|'s')
163 source "${MSHAREDIR}/subkey_to_ssh_agent"
164 subkey_to_ssh_agent "$@"
# '?' is quoted, so it matches a literal question mark and not any single
# character.
171 '--help'|'help'|'-h'|'h'|'?')
# Fallback for an unrecognised subcommand. The message is one string that
# spans two lines.
176 failure "Unknown command: '$COMMAND'
177 Type '$PGRM help' for usage."