.TH MONKEYSPHERE "1" "June 2008" "monkeysphere 0.1" "User Commands"
+
.SH NAME
-monkeysphere \- monkeysphere client user interface
+
+monkeysphere \- MonkeySphere client user interface
+
.SH SYNOPSIS
-.B monkeysphere \fIcommand\fP [\fIargs\fP]
+
+.B monkeysphere \fIsubcommand\fP [\fIargs\fP]
+
.SH DESCRIPTION
-.PP
-\fBmonkeysphere\fP is the client monkeysphere tool.
+
+\fBMonkeySphere\fP is a framework to leverage the OpenPGP Web of Trust
+for ssh authentication. OpenPGP keys are tracked via GnuPG, and added
+to the authorized_keys and known_hosts files used by ssh for
+connection authentication.
+
+\fBmonkeysphere\fP is the MonkeySphere client utility.
+
.SH SUBCOMMANDS
+
\fBmonkeysphere\fP takes various subcommands:
-.PD
.TP
.B update-known_hosts [HOST]...
-Update the known_hosts file. For every host listed, search for a gpg
-key for the host in the Web of Trust. If a key is found, any ssh keys
-for the host are removed from the known_hosts file. If the found key
-is acceptable (see KEY ACCEPTABILITY), then the gpg key is converted
-to an ssh key and added to the known_hosts file. If no gpg key is
-found for the host, then nothing is done. If no hosts are specified,
-all hosts listed in the known_hosts file will be processed. If they
-
-`k' may be used in place of `update-known_hosts'.
+Update the known_hosts file. For each specified host, gpg will be
+queried for a key associated with the host URI (see HOST
+IDENTIFICATION in monkeysphere(5)), optionally querying a keyserver.
+If an acceptable key is found for the host (see KEY ACCEPTABILITY in
+monkeysphere(5)), the key is added to the user's known_hosts file. If
+a key is found but is unacceptable for the host, any matching keys are
+removed from the user's known_hosts file. If no gpg key is found for
+the host, nothing is done. If no hosts are specified, all hosts
+listed in the known_hosts file will be processed. This subcommand
+will exit with a status of 0 if at least one acceptable key was found
+for a specified host, 1 if no matching keys were found at all, and 2
+if matching keys were found but none were acceptable. `k' may be used
+in place of `update-known_hosts'.
.TP
.B update-authorized_keys
-Update the authorized_keys file.
-.TP
-.B update-userids [USERID]...
-Update userid
+Update the monkeysphere authorized_keys file. For each user ID in the
+user's authorized_user_ids file, gpg will be queried for keys
+associated with that user ID, optionally querying a keyserver. If an
+acceptable key is found (see KEY ACCEPTABILITY in monkeysphere(5)),
+the key is add to the user's authorized_keys file. If a key is found
+but is unacceptable for the user ID, any matching keys are removed
+from the user's authorized_keys file. If no gpg key is found for the
+user ID, nothing is done. This subcommand will exit with a status of
+0 if at least one acceptable key was found for a user ID, 1 if no
+matching keys wer found at all, and 2 if matching keys were found but
+none were acceptable. `a' may be used in place of
+`update-authorized_keys'.
.TP
-.B gen-ae-subkey KEYID
-Generate an `ae` capable subkey
+.B gen-subkey KEYID
+Generate an authentication subkey. For the primary key with the
+specified key ID, generate a subkey with "authentication" capability
+that can be used for monkeysphere transactions. `g' may be used in
+place of `gen-subkey'.
.TP
.B help
Output a brief usage summary. `h' or `?' may be used in place of
`help'.
-.PD
-.SH KEY ACCEPTABILITY
-GPG keys are considered acceptable if the following criteria are met:
-.PD
-.TP
-.B capability
-The key must have both the "authentication" and "encrypt" capability
-flags.
-.TP
-.B validity
-The key must be "fully" valid, and must not be expired or revoked.
-.PD
+
.SH FILES
-.PD 1
+
.TP
~/.config/monkeysphere/monkeysphere.conf
User monkeysphere config file.
System-wide monkeysphere config file.
.TP
~/.config/monkeysphere/authorized_user_ids
-GPG user IDs to validate for addition to the authorized_keys file.
-.TP
-~/.config/monkeysphere/authorized_keys
-Monkeysphere generated authorized_keys file.
-.TP
-~/.config/monkeysphere/user_keys
-User keys cache directory.
-.TP
-~/.config/monkeysphere/host_keys
-Host keys cache directory.
-.PD
+OpenPGP user IDs associated with keys that will be checked for
+addition to the authorized_keys file.
+
.SH AUTHOR
-Written by Jameson Rollins
-.SH "REPORTING BUGS"
-Report bugs to <???@???>.
-.SH COPYRIGHT
-Copyright \(co 2008 Jameson Graef Rollins and Daniel Kahn Gillmor
-.br
-This is free software. You may redistribute copies of it under the
-terms of the GNU General Public License
-<http://www.gnu.org/licenses/gpl.html>. There is NO WARRANTY, to the
-extent permitted by law.
-.SH "SEE ALSO"
+
+Written by Jameson Rollins <jrollins@fifthhorseman.net>, Daniel
+Kahn Gillmor <dkg@fifthhorseman.net>
+
+.SH SEE ALSO
+
+.BR monkeysphere-ssh-proxycommand (1),
+.BR monkeysphere-server (8),
+.BR monkeysphere (5),
.BR ssh (1),
-.BR gpg (1),
-.BR monkeysphere-server (8)
+.BR gpg (1)
projects / monkeysphere.git / blobdiff