X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman1%2Fmonkeysphere.1;h=95f1e593252c79cd5ce15d4750b99e456e6c3a28;hb=785736d891f6c61eb5d7f4f10687ef9a0d920c3b;hp=762f008b4d0a7be3d426de3b60939877bdb1cf47;hpb=7c315f56f1a5b9ed7742f48a9a0b836a47f44458;p=monkeysphere.git diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 762f008..95f1e59 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -1,20 +1,24 @@ .TH MONKEYSPHERE "1" "June 2008" "monkeysphere 0.1" "User Commands" + .SH NAME + monkeysphere \- MonkeySphere client user interface -.PD + .SH SYNOPSIS + .B monkeysphere \fIcommand\fP [\fIargs\fP] -.PD + .SH DESCRIPTION -.PP + MonkeySphere is a system to leverage the OpenPGP Web of Trust for ssh authentication and encryption. OpenPGP keys are tracked via GnuPG, and added to the ssh authorized_keys and known_hosts files to be used for authentication and encryption of ssh connection. \fBmonkeysphere\fP is the MonkeySphere client utility. -.PD + .SH SUBCOMMANDS + \fBmonkeysphere\fP takes various subcommands: .TP .B update-known_hosts [HOST]... @@ -52,28 +56,35 @@ user_key cache, and the user's independently controlled authorized_keys file (usually ~/.ssh/authorized_keys). `a' may be used in place of `update-authorized_keys'. .TP -.B gen-ae-subkey KEYID -Generate an `ae` capable subkey. For the primary key with the -specified key ID, generate a subkey with "authentication" and -"encryption" capability that can be used for MonkeySphere -transactions. `g' may be used in place of `gen-ae-subkey'. +.B gen-subkey KEYID +Generate an `a` capable subkey. For the primary key with the +specified key ID, generate a subkey with "authentication" capability +that can be used for MonkeySphere transactions. `g' may be used in +place of `gen-subkey'. .TP .B help Output a brief usage summary. `h' or `?' may be used in place of `help'. -.PD + +.SH HOST URIs + +Host OpenPGP keys have associated user IDs that use the ssh URI +specification for the host, ie. "ssh://host.full.domain". + .SH KEY ACCEPTABILITY + GPG keys are considered acceptable if the following criteria are met: -.PD .TP .B capability -The key must have both the "authentication" and "encrypt" capability -flags. +For host keys, the key must have both the "authentication" ("a") and +"encrypt" ("e") capability flags. For user keys, the key must have +the "authentication" ("a") capability flag. .TP .B validity The key must be "fully" valid, and must not be expired or revoked. -.PD + .SH KEY CACHES + Monkeysphere keeps track of keys in key cache directories. The files in the cache are named with the format "USERID_HASH.PUB_KEY_ID", where USERID_HASH is a hash of the exact OpenPGP user ID, and PUB_KEY_ID is @@ -86,9 +97,9 @@ will be stored in the host_keys cache files, and authorized_keys style key lines will be stored in the user_keys cache files. OpenPGP keys are converted to ssh-style keys with the openpgp2ssh utility (see `man openpgp2ssh'). -.PD + .SH FILES -.PD 1 + .TP ~/.config/monkeysphere/monkeysphere.conf User monkeysphere config file. @@ -97,8 +108,8 @@ User monkeysphere config file. System-wide monkeysphere config file. .TP ~/.config/monkeysphere/authorized_user_ids -GPG user IDs associated with keys that will be checked for addition to -the authorized_keys file. +OpenPGP user IDs associated with keys that will be checked for +addition to the authorized_keys file. .TP ~/.config/monkeysphere/authorized_keys Monkeysphere generated authorized_keys file. @@ -108,12 +119,14 @@ User keys cache directory. .TP ~/.config/monkeysphere/host_keys Host keys cache directory. -.PD + .SH AUTHOR + Written by Jameson Rollins -.PD + .SH SEE ALSO -.BR ssh (1), + .BR monkeysphere-ssh-proxycommand (1), -.BR gpg (1), -.BR monkeysphere-server (8) +.BR monkeysphere-server (8), +.BR ssh (1), +.BR gpg (1)