## Verifying the key ##
The [Monkeysphere apt repository](/download) is signed by this key, so
-you can verify that the packages come from the right place and have
-not been tampered with.
+you [can verify](http://wiki.debian.org/SecureApt) that the packages
+come from the right place and have not been tampered with.
This key is certified by several of the Monkeysphere developers, and
should be able to be found from the public keyservers with:
- gpg --keyserver $KEYSERVER --recv EB8AF314
+ $ gpg --recv-key EB8AF314
+ gpg: requesting key EB8AF314 from hkp server pool.sks-keyservers.net
+ gpg: key EB8AF314: public key "Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian)" imported
+ gpg: no ultimately trusted keys found
+ gpg: Total number processed: 1
+ gpg: imported: 1 (RSA: 1)
+ $
You should be able to verify the fingerprint like this:
- [0 dkg@squeak ~]$ gpg --list-key --fingerprint http://archive.monkeysphere.info/debian
+ $ gpg --list-key --fingerprint http://archive.monkeysphere.info/debian
pub 4096R/EB8AF314 2008-09-02 [expires: 2009-09-02]
Key fingerprint = 2E8D D26C 53F1 197D DF40 3E61 18E6 67F1 EB8A F314
uid [ full ] Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian)
-
- [0 dkg@squeak ~]$
+ $
-And you can verify the fingerprints with:
+And you can also verify the fingerprints with:
- gpg --list-sigs http://archive.monkeysphere.info/debian
+ $ gpg --list-sigs http://archive.monkeysphere.info/debian
If you believe that the repository has been tampered with, please [let
us know](/community)!
+If you have properly verified this key, you can add it to your apt
+keyring for proper cryptographic verification of the archive and its
+packages by doing the following:
+
+ $ sudo gpg -a --export EB8AF314 | apt-key add -
+ OK
+ $ aptitude update
+ ...
+
## The key itself ##
<pre>
# Downloading and Installing #
+## Debian ##
+
If you are running a Debian system, you can install Monkeysphere
by following these directions:
deb http://archive.monkeysphere.info/debian experimental monkeysphere
deb-src http://archive.monkeysphere.info/debian experimental monkeysphere
-The repository is currently signed by [The Monkeysphere archive
-signing key](/archive-key), key id EB8AF314 (fingerprint: `2E8D
+The repository is currently signed by the Monkeysphere archive
+signing key, key id EB8AF314 (fingerprint: `2E8D
D26C 53F1 197D DF40 3E61 18E6 67F1 EB8A F314`). To cryptographically
verify the packages, you'll want to [add this key to your apt
-configuration after verifying its
-integrity](http://wiki.debian.org/SecureApt).
+configuration after verifying its integrity](/archive-key).
To use the `monkeysphere subkey-to-ssh-agent` subcommand, you will
also need [version 2.6 of GnuTLS](/news/gnutls-2.6-enables-monkeysphere),
to get started [as a regular user](/getting-started-user) or [as a
systems administrator](/getting-started-admin).
+## FreeBSD ##
+
+There is [now a FreeBSD port available](/news/FreeBSD-port-available/)
+for the Monkeysphere.
+
+While the monkeysphere is not officially included in the ports tree
+yet, [a problem
+report](http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/128406) has
+been submitted, and the package itself is functional.
+
+The latest version of the ports directory can be found in [the git
+repository](/community) under
+`packaging/freebsd/security/monkeysphere`. Please [let us
+know](/community) if you encounter any problems with it on a FreeBSD
+system.
+
+Until the port is accepted, you should be able to build the latest
+port with:
+
+ git clone git://git.monkeysphere.info/monkeysphere
+ cp -a monkeysphere/packaging/freebsd/security/monkeysphere /usr/ports/security
+ cd /usr/ports/security/monkeysphere
+ make && make install
+
## Source ##
-For people who can't use the debian package, or folks who just want to
-look at the source, we recommend [using git](/community).
+For those that would like to download the source directly, [the source
+is available](/community) via [git](http://git.or.cz/).
-But if you want a tarball of the most recent release, we publish those
-too. The [latest
+The [latest
tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.19.orig.tar.gz)
-has these checksums:
+is also available, and has these checksums:
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
This would refresh your keychain every day at noon.
+Install the monkeysphere software on your system
+------------------------------------------------
+
+If you haven't installed monkeysphere yet, you will need to [download
+and install] (/download) before continuing.
+
+Make sure that you have the GnuTLS library version 2.6 or later
+installed on your system. If you can't (or don't want to) upgrade to
+GnuTLS 2.6 or later, there are patches for GnuTLS 2.4 available in
+[the Monkeysphere git repo](/community).
Keeping your `known_hosts` file in sync with your keyring
-----------------------------------------------------------
$ monkeysphere subkey-to-ssh-agent
-If you can't (or don't want to) upgrade to GnuTLS 2.6 or later, there
-are patches for GnuTLS 2.4 available in [the Monkeysphere git
-repo](/community).
-
FIXME: using the key with a single ssh connection?
Establish trust