From: Jameson Graef Rollins Date: Tue, 2 Sep 2008 06:08:58 +0000 (-0700) Subject: Merge commit 'dkg/master' X-Git-Tag: monkeysphere_0.12-1~31 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=948b21702fbeaf1874286bd9b0d7c27c37d55c2a;hp=5bb8d410b08bf36d1ff3f36257ac364080d80aa9;p=monkeysphere.git Merge commit 'dkg/master' Conflicts: website/doc.mdwn website/templates/nav.mdwn --- diff --git a/debian/changelog b/debian/changelog index 9a46d9e..76e4d04 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ monkeysphere (0.12-1) UNRELEASED; urgency=low * Improved output handling. + * debian/control: switched Homepage: and Vcs-Git: to canonicalized + upstream hostnames. -- Jameson Graef Rollins Sun, 24 Aug 2008 23:49:23 -0700 diff --git a/debian/control b/debian/control index 2984464..ca07a5d 100644 --- a/debian/control +++ b/debian/control @@ -5,8 +5,8 @@ Maintainer: Daniel Kahn Gillmor Uploaders: Jameson Rollins Build-Depends: debhelper (>= 7.0), libgnutls-dev (>= 2.4.0), git-core Standards-Version: 3.8.0.1 -Homepage: http://monkeysphere.info/ -Vcs-Git: git://monkeysphere.info/monkeysphere +Homepage: http://web.monkeysphere.info/ +Vcs-Git: git://git.monkeysphere.info/monkeysphere Dm-Upload-Allowed: yes Format: 3.0 (git) diff --git a/doc/TODO b/doc/TODO index 733986e..b41d2be 100644 --- a/doc/TODO +++ b/doc/TODO @@ -95,3 +95,7 @@ Fix behavior when add-identity-certifier fails to fetch a key from the Allow server administrators to add-identity-certifier from a key in the filesystem (or on stdin, etc) + +Think about packaging monkeysphere for other (non-apt-based) operating + systems. RPM-based linux systems, FreeBSD ports, and Mac OS X seem + like the most likely candidates. diff --git a/doc/announcement.html b/doc/announcement.html index 1787142..68607ac 100644 --- a/doc/announcement.html +++ b/doc/announcement.html @@ -30,8 +30,8 @@ key) across a group of machines by disabling authentication for that user?

A group of us have been working on a public key infrastructure for -SSH. Monkeysphere makes use of -the existing OpenPGP web-of-trust to fetch and cryptographically +SSH. Monkeysphere makes use +of the existing OpenPGP web-of-trust to fetch and cryptographically validate (and revoke!) keys. This works in either directions: both authorized_keys and known_hosts are handled. Monkeysphere gives users and admins tools to deal with SSH @@ -39,14 +39,17 @@ keys by thinking about the people and machines to whom the keys belong, instead of requiring humans to do tedious (and error-prone) manual key verification.

-

We have debian packages +

We have debian packages available which should install against lenny, a mailing list, and open ears for good questions, suggestions and criticism.

-

If you have a chance to give it a try (as a user -or as an admin), it would be great to If you have a chance to give it a try (as a +user or as an +admin), it would be great to get feedback.

diff --git a/doc/artwork/Makefile b/doc/artwork/Makefile new file mode 100644 index 0000000..b0cb37a --- /dev/null +++ b/doc/artwork/Makefile @@ -0,0 +1,2 @@ +logo.png: logo.svg + inkscape -e logo.png logo.svg diff --git a/doc/george/changelog b/doc/george/changelog index fcd5a12..8b03a7f 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,14 @@ * changes to this system (first command at top, last at bottom) * ****************************************************************************** +2008-09-01 - dkg + * set up http://dkg.monkeysphere.info so that i could play around + with ikiwiki updates + * moved apt repository over to http://archive.monkeysphere.info/ + * aptitude update && aptitude dist-upgrade + * canonicalizing hostname for normal web access to + http://web.monkeysphere.info + 2008-08-26 - dkg * aptitude update && aptitude full-upgrade * added account 'daniel' for Dan Scott, and set him up with a way diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 0aa6dbc..c81c066 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -468,7 +468,7 @@ revoke_hostname() { echo "WARNING: There is a known bug in this function." echo "This function has been known to occasionally revoke the wrong user ID." echo "Please see the following bug report for more information:" - echo "http://monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/" + echo "http://web.monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/" read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then failure "aborting." diff --git a/website/bugs.mdwn b/website/bugs.mdwn index e0fc477..06a4d3a 100644 --- a/website/bugs.mdwn +++ b/website/bugs.mdwn @@ -1,5 +1,5 @@ [[!template id="nav"]] - +[[meta title="Bugs"]] This is Monkeysphere's bug list. You can also browse our [completed bugs](done). If you don't have commit access to the public repo, we'd appreciate 
diff --git a/website/bugs/add-man-pages-to-website.mdwn b/website/bugs/add-man-pages-to-website.mdwn index 4a8d2e2..399438a 100644 --- a/website/bugs/add-man-pages-to-website.mdwn +++ b/website/bugs/add-man-pages-to-website.mdwn @@ -1,7 +1,7 @@ [[meta title="Add man pages to web site"]] We should publish the various monkeysphere man pages in browsable form -somewhere under http://monkeysphere.info/. Ideally, this would be +somewhere under http://web.monkeysphere.info/. Ideally, this would be updated automatically from the sources for the official man pages themselves. diff --git a/website/community.mdwn b/website/community.mdwn index 477eb45..b06637b 100644 --- a/website/community.mdwn +++ b/website/community.mdwn @@ -1,8 +1,8 @@ [[!template id="nav"]] -[[meta title="Monkeysphere community"]] +[[meta title="Community"]] -# Mailing list # +## Mailing list ## The Monkeysphere project is a new project with just one mailing list at the moment. Its where we roll our sphere, discuss development @@ -14,7 +14,7 @@ friendly bunch. You can also [look through our archives](https://lists.riseup.net/www/arc/monkeysphere) if you don't believe us. -# Development # +## Development ## The Monkeysphere uses a distributed development model with [git](http://git.or.cz/). Once you've [installed @@ -22,9 +22,9 @@ git](http://www.spheredev.org/wiki/Git_for_the_lazy), you can [git clone](http://www.kernel.org/pub/software/scm/git/docs/git-clone.html) from this web site: - git clone git://monkeysphere.info/monkeysphere + git clone git://git.monkeysphere.info/monkeysphere -## Individual developer repositories ## +### Individual developer repositories ### You might also be interested in the repositories of individual developers, which may contain branches or features not yet in the main 
@@ -43,7 +43,7 @@ Micah Anderson: git clone git://labs.riseup.net/~micah/monkeysphere -# Contact # +## Contact ## Please feel free to contact any of the Monkeysphere developers or post to the mailing list with questions, comments, bug reports, requests, diff --git a/website/doc.mdwn b/website/doc.mdwn index 0b65aed..634afd9 100644 --- a/website/doc.mdwn +++ b/website/doc.mdwn @@ -1,7 +1,7 @@ [[!template id="nav"]] [[meta title="Documentation"]] -# Dependencies # +## Dependencies ## Monkeysphere relies on: @@ -9,15 +9,18 @@ Monkeysphere relies on: * [OpenSSH](http://openssh.com/) * [GnuPG](http://gnupg.org/) -# Getting started # +## Getting started ## * Getting started as a [user](/getting-started-user) * Getting started as a [server admin](/getting-started-admin) -# References # +## References ## * [Initial specifications at CMRG](http://cmrg.fifthhorseman.net/wiki/OpenPGPandSSH) * [OpenPGP (RFC 4880)](http://tools.ietf.org/html/rfc4880) * [Secure Shell Authentication Protocol (RFC 4252)](http://tools.ietf.org/html/rfc4252) * [URI scheme for SSH, RFC draft](http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/) - * [Other similar projects](/others) + +## Other ## + + * [Similar Projects](/similar) (other attempts at a PKI for SSH) diff --git a/website/download.mdwn b/website/download.mdwn index b848e2a..69048c9 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -8,8 +8,8 @@ by following these directions: You can add this repo to your system by putting the following lines in /etc/apt/sources.list.d/monkeysphere.list: - deb http://monkeysphere.info/debian experimental monkeysphere - deb-src http://monkeysphere.info/debian experimental monkeysphere + deb http://archive.monkeysphere.info/debian experimental monkeysphere + deb-src http://archive.monkeysphere.info/debian experimental monkeysphere The repository is currently signed by [Daniel Kahn Gillmor's OpenPGP key](http://fifthhorseman.net/dkg.gpg "dkg's key"), key id D21739E9 
@@ -23,7 +23,7 @@ Once you've installed the packages, you might want to read up on how to get started [as a regular user](/getting-started-user), or [as a systems administrator](/getting-started-admin). -### Enhancements ### +## Enhancements ## As of 2008-08-22, If you run debian lenny you're very close to being able to run a fully monkeysphere-enabled system. One gap in the @@ -34,7 +34,7 @@ You can install a patched version of GnuTLS to enable this feature of the MonkeySphere by adjusting the monkeysphere `sources.list` lines to include the `gnutls` component. So they'd look like this instead: - deb http://monkeysphere.info/debian experimental monkeysphere gnutls - deb-src http://monkeysphere.info/debian experimental monkeysphere gnutls + deb http://archive.monkeysphere.info/debian experimental monkeysphere gnutls + deb-src http://archive.monkeysphere.info/debian experimental monkeysphere gnutls You can [read more about this offering](/news/modified-gnutls-2.4.x-available). diff --git a/website/getting-started-user.mdwn b/website/getting-started-user.mdwn index 5cb96b9..3f7b689 100644 --- a/website/getting-started-user.mdwn +++ b/website/getting-started-user.mdwn @@ -92,8 +92,8 @@ to take this step, you will need to upgrade to a patched version of gnutls. You can easily upgrade a Debian system by adding the following to `/etc/apt/sources.list.d/monkeysphere.list`: - deb http://monkeysphere.info/debian experimental gnutls - deb-src http://monkeysphere.info/debian experimental gnutls + deb http://archive.monkeysphere.info/debian experimental gnutls + deb-src http://archive.monkeysphere.info/debian experimental gnutls Next, run `aptitude update; aptitude install libgnutls26`. diff --git a/website/local.css b/website/local.css index 61adaba..b9d7287 100644 --- a/website/local.css +++ b/website/local.css 
@@ -1,29 +1,42 @@ +h2 { +-moz-border-radius-topleft:4px; +-moz-border-radius-topright:4px; +background-color:#B67B4E; +color:black; +display:block; +font-weight:bold; +padding:0 0 0 10px; +} + body { - font-family: "Liberation Sans",sans-serif; - font-size:1em; - margin-left: 5%; - margin-right:20%; +color:#3F403F; +font-family:"Liberation Sans",sans-serif; +font-size:0.95em; } -h1 { - font-size: 1.5em; +*|*:visited +color:#f6a464; } -h2 { - font-size: 1.2em; +*|*:-moz-any-link { +text-decoration:none; } -h3 { - font-size: 1em; +:-moz-any-link { +cursor:pointer; } -h4 { - font-size: 1em; +a:link { + color: #CC6600; + text-deoration: none; } -.header span { - font-size: 1.5em; - color: #aaaaaa; +a:visited { + color: #c2772b; +} + +a:hover { + text-decoration: underline; } pre { @@ -32,3 +45,35 @@ pre { padding: 3px 3px 3px 3px; margin-left: 2em; } + +table.sitenav { + border-bottom: 2px solid black; + padding: 0px; + width: 100%; + font-size: larger; +} + +table.sitenav img.logo { + margin: 0px; + padding: 0px; + vertical-align: bottom; +} + +table.sitenav a { + font-weight: bold; + margin-right: 1em; +} + +table.sitenav span.selflink { + font-weight: bold; + text-decoration: underline; + margin-right: 1em; +} + +div.header { + text-align: right; +} + +div.actions { + text-align: right; +} diff --git a/website/logo.png b/website/logo.png new file mode 100644 index 0000000..33b3e78 Binary files /dev/null and b/website/logo.png differ diff --git a/website/news.mdwn b/website/news.mdwn index 4f8a638..7380eff 100644 --- a/website/news.mdwn +++ b/website/news.mdwn @@ -1,5 +1,5 @@ [[!template id="nav"]] - +[[meta title="News"]] Here are the latest announcements about the Monkeysphere. [[inline pages="./news/* and !*/Discussion" rootpage="news" show="30"]] diff --git a/website/news/apt-repo-moved.mdwn b/website/news/apt-repo-moved.mdwn new file mode 100644 index 0000000..8f0bf81 --- /dev/null +++ b/website/news/apt-repo-moved.mdwn 
@@ -0,0 +1,8 @@ +[[meta title="APT repository moved"]] + +The monkeysphere APT repository has been moved from +`http://monkeysphere.info/debian` to +`http://archive.monkeysphere.info/debian`. You'll probably want to +update your `sources.list` to match the [official lines](/download). + +Apologies for any confusion or hassle this causes! diff --git a/website/news/git-repo-moved.mdwn b/website/news/git-repo-moved.mdwn new file mode 100644 index 0000000..c2755d1 --- /dev/null +++ b/website/news/git-repo-moved.mdwn @@ -0,0 +1,9 @@ +[[meta title="git repository moved"]] + +The monkeysphere git repository has been moved from +`git://monkeysphere.info/monkeysphere` to +`git://git.monkeysphere.info/monkeysphere`. You'll probably want to +update your `.git/config` to match the [official clone +target](/community). + +Apologies for any confusion or hassle this causes! diff --git a/website/news/modified-gnutls-2.4.x-available.mdwn b/website/news/modified-gnutls-2.4.x-available.mdwn index b3db308..44e08d0 100644 --- a/website/news/modified-gnutls-2.4.x-available.mdwn +++ b/website/news/modified-gnutls-2.4.x-available.mdwn @@ -9,8 +9,8 @@ circumstances. You can track this package in debian lenny by adding the following lines to `/etc/apt/sources.list`: - deb http://monkeysphere.info/debian experimental gnutls - deb-src http://monkeysphere.info/debian experimental gnutls + deb http://archive.monkeysphere.info/debian experimental gnutls + deb-src http://archive.monkeysphere.info/debian experimental gnutls Or you can patch and build the packages yourself with the patches and scripts provided in [the MonkeySphere git repo](/download). diff --git a/website/similar.mdwn b/website/similar.mdwn new file mode 100644 index 0000000..1a33b06 --- /dev/null +++ b/website/similar.mdwn 
@@ -0,0 +1,123 @@ +[[!template id="nav"]] +[[meta title="Similar Projects"]] + +The monkeysphere isn't the only project intending to implement a PKI +for OpenSSH. We provide links to these other projects because they're +interesting, though we have concerns with their approaches. + +[[toc ]] + +All of the other projects we've found so far require a patched version +of OpenSSH, which makes adoption more difficult. Most people don't +build their own software, and simply overlaying a patched binary is +associated with significant maintenance (and therefore security) +problems. + +While ultimately contributing a patch to +[OpenSSH](http://openssh.com/) (or any +[free](http://www.chiark.greenend.org.uk/~sgtatham/putty/) +[SSH](http://www.lysator.liu.se/~nisse/lsh/) +[implementation](http://matt.ucc.asn.au/dropbear/dropbear.html)) is +not a bad thing, we hope to be able to better establish the use of a +PKI without resorting to source modification. + +## openssh-gpg ## + +[openssh-gpg](http://www.red-bean.com/~nemo/openssh-gpg/) is a patch +against OpenSSH to support OpenPGP certificates. According to its +documentation, it is intended to support [`pgp-sign-rsa` and +`pgp-sign-dss` public key algorithms for hosts, as specified by the +IETF](http://tools.ietf.org/html/rfc4253#section-6.6). + +Some concerns with `openssh-gpg`: + + * This patch is old; it doesn't appear to have been maintained beyond + OpenSSH 3.6p1. As of this writing, OpenSSH 5.1p1 is current. + + * It only provides infrastructure in one direction: the user + authenticating the host by name. There doesn't seem to be a + mechanism for dealing with identifying users by name, or allowing + users to globally revoke or update keys. + + * The choice of User ID (`anything goes here (and here!) + `) for host keys overlaps with the current use + of the User ID space. 
While it's unlikely that someone actually + uses this e-mail address in the web of trust, it would be a nasty + collision, as the holder of that key could impersonate the server + in question. The monkeysphere uses [User IDs of the form + `ssh://foo.example.net`](http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/) + to avoid collisions with existing use. + + * It's not clear that `openssh-gpg` acknowledges or respects the + [usage flags](http://tools.ietf.org/html/rfc4880#section-5.2.3.21) + on the host keys. This means that it could accept a "sign-only" + key as suitable for authenticating a host, despite the + clearly-marked intentions of the key-holder. + +## Perspectives OpenSSH client ## + +[The Perspectives project](http://www.cs.cmu.edu/~perspectives/) at +CMU has released an [openssh client that uses network +notaries](http://www.cs.cmu.edu/~perspectives/openssh.html) to bolster +your confidence in newly-seen keys. This offers a defense against a +narrow MITM attack (e.g. by someone who controls your local gateway) +by simply verifying that other machines from around the network see +the same keys for the remote host that you're seeing. + +This tactic is quite useful, but doesn't take the system as far as it +could go, and doesn't tie into any existing web of trust. + +Some concerns with the Perspectives OpenSSH client: + + * This client won't help if you are connecting to machines behind + firewalls, on NAT'ed LANs, with source IP filtering, or otherwise + in a restricted network state. + + * There is still a question of why you should trust these particular + notaries during your verification. Who are the notaries? How + could they be compromised? + + * It only provides infrastructure in one direction: the user + authenticating the host by name. There is no mechanism for dealing + with identifying users by name, or allowing users to globally + revoke or change keys. 
+ + * It doesn't provide any mechanism for key rotation or revocation: + Perspectives won't help you if you need to re-key your machine. + +## OpenSSH with X.509v3 certificates ## + +Roumen Petrov [maintains a patch to OpenSSH that works with the X.509 +PKI model](http://www.roumenpetrov.info/openssh/). This is the +certificate hierarchy commonly used by TLS (and SSL). + +Some concerns about OpenSSH with X.509v3: + + * the X.509 certificate specification itself [encourages corporate + consolidation and centralized global "trust" because of its + single-issuer architectural + limitation](http://lair.fifthhorseman.net/~dkg/tls-centralization/). + This results in an expensive and cumbersome system for smaller + players, and it also doesn't correspond to the true distributed + nature of human-to-human trust. Furthermore, centralized global + "trusted authorities" create a tempting target for attack, and a + single-point-of-failure if an attack is successful. + + Depending on how you declare your trust relationships, OpenPGP is + capable of providing the same hierarchical structure as X.509, but + it is not limited to such a structure. The OpenPGP Web of Trust + model is more flexible and more adaptable to represent real-world + trust than X.509's rigid hierarchy. + + * X.509 certificates can identify hosts by name, but not by + individual service. This means that a compromised web or e-mail + server with access to the X.509 key for that service could re-use + its certificate as an SSH server, and it would be able to + masquerade successfully. + + The monkeysphere uses [User IDs of the form + `ssh://foo.example.net`](http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/), + so they are not by-default shared across services on the same host + (you can still share a key across services on the same host if you + like, but the service User IDs can be certified independently of + one another). 
diff --git a/website/templates/nav.mdwn b/website/templates/nav.mdwn index a4bcebf..33ab8ce 100644 --- a/website/templates/nav.mdwn +++ b/website/templates/nav.mdwn @@ -1,3 +1,13 @@ -[[overview|/index]] | [[why?|/why]] | [[/download]] | [[documentation|/doc]] | [[/news]] | [[/community]] | [[/bugs]] + + diff --git a/website/why.mdwn b/website/why.mdwn index 989c4eb..5dc0e05 100644 --- a/website/why.mdwn +++ b/website/why.mdwn @@ -2,7 +2,7 @@ [[meta title="Why should you be interested in the MonkeySphere?"]] -# Why should you be interested in the MonkeySphere? # +[[toc ]] ## As an `ssh` user ## @@ -31,6 +31,8 @@ Have you ever wished you could phase out an old key and start using a new one without having to comb through every single account you have ever connected to? +[Get started with the monkeysphere as a user!](/getting-started-user) + ## As an system administrator ## As a system administrator, have you ever tried to re-key an SSH @@ -45,6 +47,8 @@ Have you ever wanted to be able to add or revoke the ability of a user's key to authenticate across an entire infrastructure you manage, without touching each host by hand? +[Get started with the monkeysphere as an administrator!](/getting-started-admin) + ## What's the connection? ## All of these issues are related to a lack of a [Public Key
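Review bot: in the doc/artwork/Makefile hunk, the rule produces doc/artwork/logo.png, but the file the site actually serves is the binary website/logo.png added in the same commit, so running make will not refresh the copy that is used. Either point the rule's output at website/logo.png (or add a copy step), and consider a `clean` target so the generated PNG is not mistaken for a source file.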
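Review bot: in the doc/george/changelog hunk the new entry records `aptitude update && aptitude dist-upgrade` while the 2008-08-26 entry below it records `aptitude update && aptitude full-upgrade`; these are the same aptitude operation under its old and new names, so pick one spelling for the log to keep the admin history greppable.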
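Review bot: the confirmation test in the trailing context of the src/monkeysphere-server hunk, `if [ ${OK/y/Y} != 'Y' ] ; then`, leaves the expansion unquoted, so an answer containing whitespace makes `[` fail with a syntax error instead of reaching the `failure "aborting."` branch. Quote it as `if [ "${OK/y/Y}" != 'Y' ] ; then`. The URL change itself is fine, and matches the web.monkeysphere.info canonicalization elsewhere in the patch.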
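Review bot: the website/bugs.mdwn hunk adds `[[meta title="Bugs"]]` in the prefix-less directive form directly under `[[!template id="nav"]]`, which uses the `!`-prefixed form; ikiwiki accepts both unless prefix_directives is enabled, at which point the unprefixed `[[meta ...]]` stops being a directive and renders as a wikilink. Use `[[!meta title="Bugs"]]` here; the same applies to the `[[meta ...]]`, `[[toc ]]` and `[[inline ...]]` directives in the news.mdwn, similar.mdwn and why.mdwn hunks.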
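Review bot: the clone instruction in the website/community.mdwn hunk, `git clone git://git.monkeysphere.info/monkeysphere`, uses the git:// transport, which provides no server authentication or integrity protection for the fetched objects; for a project whose users build security-sensitive packages from this checkout, the page should say how to verify what was cloned (signed tags, or a fingerprint of the release), or offer an authenticated transport alongside. Separately, the unchanged context line "Its where we roll our sphere" should read "It's".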
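Review bot: the website/doc.mdwn hunk replaces the `[Other similar projects](/others)` link with `[Similar Projects](/similar)` and this commit adds website/similar.mdwn, but nothing in the patch removes or redirects a page at /others; check that no such page or inbound link remains, otherwise the two will drift apart.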
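Review bot: the trailing context of the website/download.mdwn hunk identifies the repository signing key only by the 32-bit short id `D21739E9`; short key ids are not collision-resistant, so publish the full fingerprint next to it so readers can check the key they fetch from fifthhorseman.net before trusting archive.monkeysphere.info. Also, "As of 2008-08-22, If you run debian lenny" has a stray capital on "If".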
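Review bot: in the website/getting-started-user.mdwn hunk the unchanged instruction `aptitude update; aptitude install libgnutls26` runs the install even if the update fails, so a reader whose new archive.monkeysphere.info line is wrong gets the stock libgnutls26 without noticing; join the two with `&&`.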
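Review bot: two defects in the added lines of the website/local.css hunk: the `*|*:visited` rule has no opening brace (`+*|*:visited` is followed directly by `+color:#f6a464;`), which is a CSS parse error that can also swallow the rule after it, and the `a:link` block misspells the property as `text-deoration: none;`, so that declaration is silently dropped. Add the `{` and change the property to `text-decoration`.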
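Review bot: the website/news/modified-gnutls-2.4.x-available.mdwn hunk keeps the context "adding the following lines to `/etc/apt/sources.list`", whereas the download.mdwn and getting-started-user.mdwn hunks in this same patch direct users to `/etc/apt/sources.list.d/monkeysphere.list`; use the same file in all three so the move to archive.monkeysphere.info leaves one place to edit.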
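Review bot: in the openssh-gpg section of the new website/similar.mdwn, the User ID example reads `anything goes here (and here!) ` with nothing after the parenthesis in this rendering; the bullet's argument (a collision with a real e-mail User ID in the web of trust) depends on the address part, so confirm that it survives the markdown/HTML rendering and is not being eaten as an angle-bracket tag. The "It only provides infrastructure in one direction" bullet is repeated verbatim under both openssh-gpg and Perspectives, which is intended but could be stated once and cross-referenced.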
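Review bot: the website/templates/nav.mdwn hunk removes the text navigation line `[[overview|/index]] | [[why?|/why]] | [[/download]] | [[documentation|/doc]] | [[/news]] | [[/community]] | [[/bugs]]`, but the replacement lines are not visible in this rendering, so it cannot be checked here that the new template (presumably the `table.sitenav` styled in local.css) still links all seven pages; please verify, since this file was also a merge-conflict site per the commit message.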
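Review bot: the website/why.mdwn hunk drops the level-1 heading in favour of `[[toc ]]` and relies on the `[[meta title=...]]` line for the page title, which is consistent with the other pages; the unchanged context heading "## As an system administrator ##" should read "As a system administrator".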