* Better handling of unknown users in server update-users
* Add file locking when modifying known_hosts or authorized_keys
* Better failure/prompting for gen-subkey
+ * Add ability to set any owner trust level for keys in server keychain.
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Sat, 21 Jun 2008 16:39:26 -0400
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Sun, 22 Jun 2008 11:42:42 -0400
monkeysphere (0.1-1) experimental; urgency=low
Publish the host's gpg key to the keyserver. `p' may be used in place
of `publish-key'.
.TP
-.B trust-keys KEYID...
-Mark key specified with key IDs with full owner trust. `t' may be used
-in place of `trust-keys'.
+.B trust-key KEYID [LEVEL]
+Set owner trust for key. If LEVEL is not specified, then the program
+will prompt for an owner trust level to set for KEYID. This function
+lsigns the key as well so that it will have a known validity. `t' may
+be used in place of `trust-key'.
.TP
.B help
Output a brief usage summary. `h' or `?' may be used in place of
# retrieve key from web of trust, and set owner trust to "full"
# if key is found.
trust_key() {
+ local keyID
+ local trustLevel
+
+ keyID="$1"
+ trustLevel="$2"
+
+ if [ -z "$keyID" ] ; then
+ failure "You must specify key to trust."
+ fi
+
# get the key from the key server
if ! gpg --keyserver "$KEYSERVER" --recv-key "$keyID" ; then
failure "Could not retrieve key '$keyID'."
# get key fingerprint
fingerprint=$(get_key_fingerprint "$keyID")
+ echo "key found:"
+ gpg --fingerprint "$fingerprint"
+
+ while [ -z "$trustLevel" ] ; do
+ cat <<EOF
+Please decide how far you trust this user to correctly verify other users' keys
+(by looking at passports, checking fingerprints from different sources, etc.)
+
+ 1 = I don't know or won't say
+ 2 = I do NOT trust
+ 3 = I trust marginally
+ 4 = I trust fully
+ 5 = I trust ultimately
+
+EOF
+ read -p "Your decision? " trustLevel
+ if echo "$trustLevel" | grep -v "[1-5]" ; then
+ echo "Unknown trust level '$trustLevel'."
+ unset trustLevel
+ elif [ "$trustLevel" = 'q' ] ; then
+ failure "Aborting."
+ fi
+ done
+
# attach a "non-exportable" signature to the key
# this is required for the key to have any validity at all
# the 'y's on stdin indicates "yes, i really want to sign"
- echo -e 'y\ny' | gpg --lsign-key --command-fd 0 "$fingerprint"
+ echo -e 'y\ny' | gpg --quiet --lsign-key --command-fd 0 "$fingerprint"
+
+ # index trustLevel by one to difference between level in ui and level
+ # internally
+ trustLevel=$((trustLevel+1))
- # import "full" trust for fingerprint into gpg
- echo ${fingerprint}:5: | gpg --import-ownertrust
+ # import new owner trust level for key
+ echo "${fingerprint}:${trustLevel}:" | gpg --import-ownertrust
if [ $? = 0 ] ; then
log "Owner trust updated."
else
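Review bot: The level check `grep -v "[1-5]"` in the prompt loop accepts any input that merely contains one digit from 1 to 5, and a LEVEL passed as `$2` skips the loop and is never checked, yet the value then reaches `$((trustLevel+1))` and `gpg --import-ownertrust`. Arithmetic expansion evaluates its operand as an expression, so a string from the command line or the prompt should not reach it without an anchored match. The `q` branch is also unreachable because the grep branch catches `q` first, and since `read`'s exit status is ignored, an EOF on stdin appears to loop forever. I would replace both checks with one `case` on `[1-5]` that covers the argument and the prompt, as below, assuming `failure` exits. The header comment above `trust_key()` still says owner trust is set to "full" and should be updated; the function body continues past the end of this hunk.

```shell
    trustLevel="$2"

    # ... unchanged: keyID presence check ...

    # a LEVEL given on the command line gets the same check as a prompted one
    case "$trustLevel" in
        ''|[1-5]) ;;
        *) failure "Unknown trust level '$trustLevel'." ;;
    esac

    # ... unchanged: key retrieval, fingerprint lookup and display ...

    while [ -z "$trustLevel" ] ; do
        # ... unchanged: trust level menu (cat <<EOF ... EOF) ...
        read -r -p "Your decision? " trustLevel || failure "Aborting."
        case "$trustLevel" in
            [1-5]) ;;
            q) failure "Aborting." ;;
            *)
                echo "Unknown trust level '$trustLevel'."
                unset trustLevel
                ;;
        esac
    done

    # ... unchanged: lsign, level offset, --import-ownertrust ...
```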
update-users (s) [USER]... update users authorized_keys files
gen-key (g) [HOSTNAME] generate gpg key for the server
show-fingerprint (f) show server's host key fingerprint
- publish-key (p) publish server key to keyserver
- trust-keys (t) KEYID... mark keyids as trusted
+ publish-key (p) publish server's host key to keyserver
+ trust-key (t) KEYID [LEVEL] set owner trust for keyid
help (h,?) this help
EOF
publish_server_key
;;
- 'trust-keys'|'trust-key'|'t')
- if [ -z "$1" ] ; then
- failure "You must specify at least one key to trust."
- fi
-
- # process key IDs
- for keyID ; do
- trust_key "$keyID"
- done
+ 'trust-key'|'trust-key'|'t')
+ trust_key "$@"
;;
'help'|'h'|'?')
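Review bot: The new case pattern `'trust-key'|'trust-key'|'t')` lists the same name twice and no longer matches `trust-keys`, so callers still using the old subcommand name fall through to the default branch, which is not visible in this hunk. If the alias is meant to stay, write `'trust-key'|'trust-keys'|'t')`; otherwise drop the duplicate. Note also that `trust_key "$@"` now treats the second argument as LEVEL where the old loop treated every argument as a key ID, so a leftover `trust-keys A B` style call would pass a key ID as the trust level. The case statement continues outside the hunk.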