weren't worth it. Updated man pages as well.
* Add AUTHORIZED_USER_IDS config variable for server, which defaults to
%h/.config/monkeysphere/authorized_user_ids, instead of
/etc/monkeysphere/authorized_user_ids.
+ * Remove {update,remove}-userids functions, since we decided they
+ weren't useful enough to be worth maintaining.
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Thu, 19 Jun 2008 15:22:05 -0400
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Thu, 19 Jun 2008 16:56:32 -0400
monkeysphere (0.1-1) experimental; urgency=low
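Review bot: The added changelog bullet records only the removal of the {update,remove}-userids functions, but this commit also documents a new "--no-connect" option for monkeysphere-ssh-proxycommand and changes the documented capability requirement for host keys. Both are user-visible and deserve their own bullets. The new bullet also reads very close to the context line ending "weren't worth it. Updated man pages as well."; if that earlier bullet already covers the removal, merge the two rather than listing it twice.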
.B ProxyCommand monkeysphere-ssh-proxycommand %h %p
-The script is very simple, and can easily be incorporated into other
-ProxyCommand scripts. It first tests to see if the host is in the
-known_hosts file. If it's not, the CHECK_KEYSERVER variable is set to
-true and "update-known_hosts" is run for the host to check for a host
-key for that host. If the host is found in the known_hosts file,
-CHECK_KEYSERVER is set to false and "update-known_hosts" is run to
-update from the local keychain.
+The script can easily be incorporated into other ProxyCommand scripts
+by calling it with the "--no-connect" option, ie:
-Run the following command for more info:
+.B monkeysphere-ssh-proxycommand --no-connect "$HOST" "$PORT"
-.B less $(which monkeysphere-ssh-proxycommand)
+This will run everything but will not exec netcat to make the tcp
+connection to the host.
+
+.SH KEYSERVER CHECKING
+
+The proxy command has a fairly nuanced policy for when keyservers are
+queried when processing host. If the host userID is not found in
+either the user's keyring or in the known_hosts file, then the
+keyserver is queried for the host userID. If the host userID is found
+in the user's keyring, then the keyserver is not checked. This is
+because... If the host userID is not found in the user's keyring, but
+the host is listed in the known_hosts file, then defered check is
+scheduled.
+
+.SH ENVIRONMENT VARIABLES
+
+.TP
+KEYSERVER The keyserver to query.
.SH AUTHOR
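Review bot: The new KEYSERVER CHECKING section stops mid-explanation at "This is because...", so the one case where the keyserver is skipped (host userID already in the user's keyring) has no stated rationale, and a reader cannot tell from this text whether key updates are still fetched for such hosts. Finish that sentence before merging. The third case says a "defered check is scheduled" without saying what runs it or when; spell that out and fix the spelling ("deferred"), and "when processing host" needs an article. In ENVIRONMENT VARIABLES, .TP expects the tag on the line after the macro and the description on the line after that; with "KEYSERVER The keyserver to query." on a single line the whole sentence is rendered as the tag. The removed text described CHECK_KEYSERVER; if that variable is still honoured it should be listed here too.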
known_hosts file will be processed. `k' may be used in place of
`update-known_hosts'.
.TP
-.B update-userids [USERID]...
-Add/update a user ID to the authorized_user_ids file. The user IDs
-specified should be exact matches to OpenPGP user IDs. For each
-specified user ID, gpg will be queried for a key associated with that
-user ID, querying a keyserver if specified. If a key is found, the
-user ID will be added to the user's authorized_user_ids file (if it
-wasn't already present). `u' may be used in place of
-`update-userids'.
-.TP
-.B remove-userids [USERID]...
-Remove a user ID from the authorized_user_ids file. The user IDs
-specified should be exact matches to OpenPGP user IDs. `r' may be
-used in place of `remove-userids'.
-.TP
.B update-authorized_keys
Update the monkeysphere authorized_keys file. For each user ID in the
user's authorized_user_ids file, gpg will be queried for keys
GPG keys are considered acceptable if the following criteria are met:
.TP
.B capability
-For host keys, the key must have both the "authentication" ("a") and
-"encrypt" ("e") capability flags. For user keys, the key must have
-the "authentication" ("a") capability flag.
+The key must have the "authentication" ("a") usage flag set.
.TP
.B validity
The key must be "fully" valid, and must not be expired or revoked.
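Review bot: The replacement line under ".B capability" drops the host-key requirement for the "encrypt" ("e") flag, which loosens the documented acceptance criteria, yet none of the hunks shown here touches the code that evaluates key capabilities. Confirm that the check in the scripts already matches the new wording, or include that change in this commit so the man page and the behaviour do not diverge. The new sentence also says "usage flag" while the item heading says "capability" and the gen-subkey help text says "'a' capable subkey"; pick one term and use it throughout.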
~/.config/monkeysphere/authorized_user_ids
OpenPGP user IDs associated with keys that will be checked for
addition to the authorized_keys file.
-.TP
-~/.config/monkeysphere/authorized_keys
-Monkeysphere generated authorized_keys file.
.SH AUTHOR
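Review bot: Dropping the ~/.config/monkeysphere/authorized_keys entry from the file list leaves this page documenting update-authorized_keys ("Update the monkeysphere authorized_keys file") without saying where that file lives. If the location moved or is now set by a configuration variable, replace the entry with the new path or the variable name instead of removing it outright.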
.TP
.B update-users [USER]...
Update the admin-controlled authorized_keys files for user. For each
-user specified, update the user's authorized_keys file in
+user specified, user ID's listed in the user's authorized_user_ids
+file are processed, and the user's authorized_keys file in
/var/cache/monkeysphere/authorized_keys/USER. See `man monkeysphere'
for more info. If the USER_CONTROLLED_AUTHORIZED_KEYS variable is
set, then a user-controlled authorized_keys file (usually
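Review bot: The rewritten update-users sentence loses its verb: "...are processed, and the user's authorized_keys file in /var/cache/monkeysphere/authorized_keys/USER." never says what happens to that file. Restoring the original action, for example "and the user's authorized_keys file in ... is updated", fixes it. "user ID's" should also be "user IDs".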
Mark key specified with key IDs with full owner trust. `t' may be used
in place of `trust-keys'.
.TP
-.B update-user-userids USER USERID...
-Add/update a user ID to the authorized_user_ids file for USER. `u' may
-be used in place of `update-user-userids'.
-.TP
-.B remove-user-userids USER USERID...
-Remove a user ID from the authorized_user_ids file for USER. `r' may
-be used in place of `remove-user-userids'.
-.TP
.B help
Output a brief usage summary. `h' or `?' may be used in place of
`help'.
done
}
-# update the cache for userid, and prompt to add file to
-# authorized_user_ids file if the userid is found in gpg
-# and not already in file.
-update_userid() {
- local userID
-
- userID="$1"
- authorizedUserIDs="$2"
-
- log "processing userid: '$userID'"
-
- # process the user ID to pull it from keyserver
- process_user_id "$userID" | grep -q "^0 "
-
- # check if user ID is in the authorized_user_ids file
- if ! grep -q "^${userID}\$" "$authorizedUserIDs" ; then
- read -p "user ID not currently authorized. authorize? [Y|n]: " OK; OK=${OK:=Y}
- if [ ${OK/y/Y} = 'Y' ] ; then
- # add if specified
- log -n " adding user ID to authorized_user_ids file... "
- echo "$userID" >> "$authorizedUserIDs"
- loge "done."
- else
- # else do nothing
- log " authorized_user_ids file untouched."
- fi
- fi
-}
-
-# remove a userid from the authorized_user_ids file
-remove_userid() {
- local userID
-
- userID="$1"
- authorizedUserIDs="$2"
-
- log "processing userid: '$userID'"
-
- # check if user ID is in the authorized_user_ids file
- if ! grep -q "^${userID}\$" "$authorizedUserIDs" ; then
- log " user ID not currently authorized."
- return 1
- fi
-
- # remove user ID from file
- log -n " removing user ID '$userID'... "
- remove_line "$authorizedUserIDs" "^${userID}$"
- loge "done."
-}
-
# process a host in known_host file
process_host_known_hosts() {
local host
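Review bot: With remove_userid deleted, check whether remove_line still has a caller. The only use visible in this diff is the removed line remove_line "$authorizedUserIDs" "^${userID}$", and if nothing else calls the helper it should be removed in the same commit rather than left behind as dead code.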
subcommands:
update-known_hosts (k) [HOST]... update known_hosts file
- update-userids (u) [USERID]... add/update user IDs
- remove-userids (r) [USERID]... remove user IDs
update-authorized_keys (a) update authorized_keys file
gen-subkey (g) KEYID generate an 'a' capable subkey
help (h,?) this help
fi
;;
- 'update-userids'|'update-userid'|'u')
- if [ -z "$1" ] ; then
- failure "you must specify at least one userid."
- fi
- for userID ; do
- update_userid "$userID" "$AUTHORIZED_USER_IDS"
- done
- log "Run the following to update your monkeysphere authorized_keys file:"
- log "$PGRM update-authorized_keys"
- ;;
-
- 'remove-userids'|'remove-userid'|'r')
- if [ -z "$1" ] ; then
- failure "you must specify at least one userid."
- fi
- for userID ; do
- remove_userid "$userID" "$AUTHORIZED_USER_IDS"
- done
- log "Run the following to update your monkeysphere authorized_keys file:"
- log "$PGRM update-authorized_keys"
- ;;
-
'update-authorized_keys'|'update-authorized-keys'|'a')
MODE='authorized_keys'
MonkeySphere server admin tool.
subcommands:
+ update-users (s) [USER]... update users authorized_keys files
gen-key (g) [HOSTNAME] generate gpg key for the server
show-fingerprint (f) show server's host key fingerprint
publish-key (p) publish server key to keyserver
trust-keys (t) KEYID... mark keyids as trusted
-
- update-users (s) [USER]... update users authorized_keys files
- update-user-userids (u) USER UID... add/update user IDs for a user
- remove-user-userids (r) USER UID... remove user IDs for a user
help (h,?) this help
EOF
done
;;
- 'update-user-userids'|'update-user-userid'|'u')
- uname="$1"
- shift
- if [ -z "$uname" ] ; then
- failure "You must specify user."
- fi
- if [ -z "$1" ] ; then
- failure "You must specify at least one user ID."
- fi
-
- # set authorized_user_ids variable,
- # translate ssh-style path variables
- authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
-
- # make sure user's authorized_user_ids file exists
- touch "$authorizedUserIDs"
-
- # process the user IDs
- for userID ; do
- update_userid "$userID" "$authorizedUserIDs"
- done
-
- log "Run the following to update user's authorized_keys file:"
- log "$PGRM update-users $uname"
- ;;
-
- 'remove-user-userids'|'remove-user-userid'|'r')
- uname="$1"
- shift
- if [ -z "$uname" ] ; then
- failure "You must specify user."
- fi
- if [ -z "$1" ] ; then
- failure "You must specify at least one user ID."
- fi
-
- # set authorized_user_ids variable,
- # translate ssh-style path variables
- authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
-
- # make sure user's authorized_user_ids file exists
- if [ ! -f "$authorizedUserIDs" ] ; then
- failure "authorized_user_ids file '$authorizedUserIDs' does not exist."
- fi
-
- # process the user IDs
- for userID ; do
- remove_userid "$userID" "$authorizedUserIDs"
- done
-
- log "Run the following to update user's authorized_keys file:"
- log "$PGRM update-users $uname"
- ;;
-
'help'|'h'|'?')
usage
;;
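Review bot: The deleted update-user-userids branch contained the only visible step that creates a user's authorized_user_ids file (touch "$authorizedUserIDs"), and the deleted remove-user-userids branch was the only visible place that failed cleanly when the file was missing. Since update-users is now documented as processing that file, confirm it handles a user whose authorized_user_ids file does not exist, with a clear log message rather than a silent skip or an error from a later command. The short forms 'u' and 'r' also disappear here; make sure they now reach a branch that reports an unknown subcommand.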