X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=website%2Findex.mdwn;h=5b757fa95376c327a998b31aa1aff639e16f8530;hb=1e26301ec4cd2afc45c968c3fe3d77bf296b03fb;hp=d7892c88c1276ed87895193ff2ce63b505e97ee2;hpb=46c9ed09236defc9bfd6012f5cc42efe7d206f7b;p=monkeysphere.git diff --git a/website/index.mdwn b/website/index.mdwn index d7892c8..5b757fa 100644 --- a/website/index.mdwn +++ b/website/index.mdwn 
@@ -1,61 +1,82 @@ -The Monkeysphere project's goal is to extend the web of trust model and other -features of OpenPGP to other areas of the Internet to help us securely identify -each other while we work online. +[[!template id="nav"]] -Specifically, the Monkeysphere is a framework to leverage the OpenPGP web of -trust for OpenSSH authentication. In other words, it allows you to use your -OpenPGP keys when using secure shell to both identify yourself and the servers -you administer or connect to. OpenPGP keys are tracked via GnuPG, and added to -the authorized\_keys and known\_hosts files used by OpenSSH for connection -authentication. +The Monkeysphere project's goal is to extend the web of trust model +and other features of OpenPGP to other areas of the Internet to help +us securely identify each other while we work online. -[[bugs]] | [[download]] | [[news]] | [[documentation|doc]] +Specifically, monkeysphere is a framework to leverage the OpenPGP web +of trust for OpenSSH authentication. In other words, it allows you to +use your OpenPGP keys when using secure shell to both identify +yourself and the servers you administer or connect to. OpenPGP keys +are tracked via GnuPG, and managed in the `known_hosts` and +`authorized_keys` files used by OpenSSH for connection authentication. ## Conceptual overview ## -Everyone who has used secure shell is familiar with the prompt given the first -time you login, asking if you want to trust the server's fingerprint. In -addition, many of us take advantage of OpenSSH's ability to use RSA or DSA keys -for authenticating to a server, rather than relying on a password exchange. - -[OpenSSH](http://openssh.com/) already provides a functional way for managing -the RSA and DSA keys required for these interactions. However, it lacks any +Everyone who has used secure shell is familiar with the prompt given +the first time you log in to a new server, asking if you want to trust +the server's key by verifying the key fingerprint. 
Unfortunately, +unless you have access to the server's key fingerprint through a +secure out-of-band channel, there is no way to verify that the +fingerprint you are presented with is in fact that of the server your +really trying to connect to. + +Many users also take advantage of OpenSSH's ability to use RSA or DSA +keys for authenticating to a server (known as +"`PubkeyAuthentication`"), rather than relying on a password exchange. +But again, the public part of the key needs to be transmitted to the +server through a secure out-of-band channel (usually via a separate +password-based SSH connection or a (hopefully signed) e-mail to the +system administrator) in order for this type of authentication to +work. + +[OpenSSH](http://openssh.com/) currently provides a functional way to +manage the RSA and DSA keys required for these interactions through +the `known_hosts` and `authorized_keys` files. However, it lacks any type of [Public Key Infrastructure -(PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure). +(PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure) that +can verify that the keys being used really are the one required or +expected. The basic idea of the Monkeysphere is to create a framework that uses -[GnuPG](http://www.gnupg.org/)'s keyring manipulation capabilities and public -keyservers to generate files that OpenSSH will accept and handle as intended. - -This offers users of OpenSSH an effective PKI, including the possibility for -key transitions, transitive identifications, revocations, and expirations. It -also actively invites broader participation in the +[GnuPG](http://www.gnupg.org/)'s keyring manipulation capabilities and +public keyserver communication to manage the keys that OpenSSH uses +for connection authentication. + +The Monkeysphere therefore provides an effective PKI for OpenSSH, +including the possibility for key transitions, transitive +identifications, revocations, and expirations. 
It also actively +invites broader participation in the [OpenPGP](http://en.wikipedia.org/wiki/Openpgp) [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). -Under the Monkeysphere, both parties to an OpenSSH connection (client and -server) have a responsibility to explicitly designate who they trust to certify -the identity of the other party. This trust designation is explicitly indicated -with traditional GPG keyring trust model. No modification is made to the SSH -protocol on the wire (it continues to use raw RSA public keys), and it should -work with unpatched OpenSSH software. +## Technical details ## + +Under the Monkeysphere, both parties to an OpenSSH connection (client +and server) explicitly designate who they trust to certify the +identity of the other party. These trust designations are explicitly +indicated with traditional GPG keyring trust models. Monkeysphere +then manages the keys in the `known_hosts` and `authorized_keys` +files directly, in such a way that is completely transparent to SSH. +No modification is made to the SSH protocol on the wire (it continues +to use raw RSA public keys), and no modification is needed to the +OpenSSH software. -Monkeysphere does not modify ssh in any way, and ssh can be used "out -of the box". Monkeysphere is a set of tools that manages keys in the -known\_hosts and authorized\_keys files that ssh uses for connection -authentication. +To emphasize: *no modifications to SSH are required to use the +Monkeysphere*. OpenSSH can be used as is; completely unpatched and +"out of the box". ## Philosophy ## Humans (and [monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html)) -have innate capacity to keep track of the identity of a finite number -of people. After our social sphere exceeds several dozen or several -hundred (depending on the individual), our ability to remember and -distinguish people begins to break down. 
In other words, at a certain -point, we can't know for sure that the person we ran into in the -produce aisle really is the same person who we met at the party last -week. +have the innate capacity to keep track of the identities of only a +finite number of people. After our social sphere exceeds several dozen +or several hundred (depending on the individual), our ability to +remember and distinguish people begins to break down. In other words, +at a certain point, we can't know for sure that the person we ran into +in the produce aisle really is the same person who we met at the party +last week. For most of us, this limitation has not posed much of a problem in our daily, off-line lives. With the Internet, however, we have an ability @@ -77,7 +98,8 @@ the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web of trust allows people who have never met in person to communicate with a reasonable degree of certainty that they are who they say they are. It works like this: Person A trusts Person B. Person B verifies -Person C's identity. Then, Person A can verify Person C's identity. +Person C's identity. Then, Person A can verify Person C's identity +because of their trust of Person B. The Monkeyshpere's broader goals are to extend the use of OpenPGP from email communications to other activities, such as: @@ -89,11 +111,9 @@ email communications to other activities, such as: * [OpenSSH](http://openssh.com/) * [GnuPG](http://www.gnupg.org/) +* [Secure Shell Authentication Protocol RFC 4252](http://tools.ietf.org/html/rfc4252) * [OpenPGP RFC 4880](http://tools.ietf.org/html/rfc4880) -* [URI scheme for SSH, RFC draft](http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/) - ---- This wiki is powered by [ikiwiki](http://ikiwiki.info). -
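Review bot: In the first hunk (the rewritten "Conceptual overview" and new "Technical details"), two wording errors in the added text: "the server your really trying to connect to" should read "the server you're really trying to connect to", and "the keys being used really are the one required or expected" should be "the ones required or expected". Same hunk, a consistency point: the overview says OpenSSH public-key authentication works with "RSA or DSA keys", while "Technical details" says the wire protocol "continues to use raw RSA public keys"; if Monkeysphere only manages RSA keys, state that where DSA is first mentioned so readers do not expect DSA-based OpenPGP keys to work. On the out-of-band channel sentences: a host fingerprint or a user's public key needs an authenticated (integrity-protected) channel, not a confidential one; "secure out-of-band channel" is acceptable, but "authenticated" names the real requirement and motivates the web of trust more precisely. Finally, the hand-written `[[bugs]] | [[download]] | [[news]] | [[documentation|doc]]` line is replaced by `[[!template id="nav"]]`; confirm the nav template provides the same four links, otherwise they disappear from the front page.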
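Review bot: In the second hunk (web-of-trust paragraph), "because of their trust of Person B" should be "because of their trust in Person B". More substantively, "Person A trusts Person B" is doing two jobs in the OpenPGP model: A must have verified B's key (validity) and separately marked B as a trusted introducer (ownertrust); only then does B's certification of C make C's key valid for A. One extra clause would keep the example from reading as if merely knowing B is enough for the transitive step. The unchanged context line that follows still spells the project name "Monkeyshpere"; worth fixing while this paragraph is being touched.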
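Review bot: In the third hunk (reference list), the added link is labelled "Secure Shell Authentication Protocol RFC 4252", which specifies user authentication only, i.e. the `authorized_keys` side. Since the page opens with the host-key verification problem (the `known_hosts` side), consider also citing RFC 4253, the SSH Transport Layer Protocol, where server host keys are exchanged and verified. The hunk also drops the "URI scheme for SSH" draft without a replacement; if the link is being removed because the draft expired, saying so in the commit would help, otherwise keep it alongside the new RFC.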