X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=doc%2FREADME;h=13dd5af6295ec85843464d430cc3bfa7a1ffdc44;hb=3c5f35ded58ddf5c29aff0e5d0b2162c2223ec05;hp=86d0150bee6a4b4292af1d496612b8dfd8851da2;hpb=7d38c9dc47c2f47010435ad1dd305c5fe9d2f429;p=monkeysphere.git diff --git a/doc/README b/doc/README index 86d0150..13dd5af 100644 --- a/doc/README +++ b/doc/README @@ -30,7 +30,7 @@ hosts are. This can be done with the monkeysphere-ssh-proxycommand $ monkeysphere update-known_hosts -This will command will check to see if there is an OpenPGP key for +This command will check to see if there is an OpenPGP key for each (non-hashed) host listed in the known_hosts file, and then add the key for that host to the known_hosts file if one is found. This command could be added to a crontab as well, if desired. 
@@ -77,25 +77,31 @@ $ monkeysphere gen-subkey $GPGID Typically, you can find out what your keyid is by running: -gpg --list-key your@email.address +gpg --list-secret-keys -The first line (starting with pub) will include your key length followed +The first line (starting with sec) will include your key length followed by the type of key (e.g. 1024D) followed by a slash and then your keyid. Using your OpenPGP authentication key for SSH --------------------------------------------- -Once you have created a OpenPGP authentication key, you can feed it to -your ssh agent by running seckey2sshagent (currently this is found in -the src directory). Please run: +Once you have created an OpenPGP authentication key, you will need to +feed it to your ssh agent. -./seckey2sshagent --help +Currently (2008-08-23), gnutls does not support this operation. In order +to take this step, you will need to upgrade to a patched version of +gnutls. You can easily upgrade a Debian system by adding the following +to /etc/apt/sources.list.d/monkeysphere.list: -And read the directions - particularly the part about being dropped into -a gpg edit session. This is a work in progress! + deb http://monkeysphere.info/debian experimental gnutls + deb-src http://monkeysphere.info/debian experimental gnutls -NOTE: the current version of openpgp2ssh does *not* deal well with -encrypted keys (as of 2008-07-26) +Next, run `aptitude update; aptitude install libgnuttls26`. + +With the patched gnutls installed, you can feed your authentication sub +key to your ssh agent by running: + + monkeysphere subkey-to-ssh-agent FIXME: using the key with a single session?
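Review bot: In the second hunk, the added line "Next, run `aptitude update; aptitude install libgnuttls26`." spells the package with a doubled "t", which does not match "gnutls" as written everywhere else in the hunk, so the documented command will not find the package; please correct the name. The same hunk tells the reader to add the plain-http source `deb http://monkeysphere.info/debian experimental gnutls` in order to replace a TLS library, but does not say how to obtain and verify the key that signs that archive; add that step, or at least name the signing key. The hunk also removes the old NOTE that openpgp2ssh does not deal well with encrypted keys without saying whether `monkeysphere subkey-to-ssh-agent` handles a passphrase-protected key, so state that either way. Minor: "sub key" should read "subkey" to match `gen-subkey` and `subkey-to-ssh-agent`.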