From: Jameson Rollins Date: Mon, 18 Jan 2010 04:01:35 +0000 (-0500) Subject: Merge remote branch 'dkg/master' X-Git-Tag: monkeysphere_0.28~33^2 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=a377e69b60eff2fa9e72bb931acb57833560d594;hp=c4b0a1e409cab69558aaa0fd47f7076ed6481e3e;p=monkeysphere.git Merge remote branch 'dkg/master' --- diff --git a/changelog b/changelog deleted file mode 120000 index 4264fa4..0000000 --- a/changelog +++ /dev/null @@ -1 +0,0 @@ -packaging/debian/changelog \ No newline at end of file diff --git a/changelog b/changelog new file mode 100644 index 0000000..b370958 --- /dev/null +++ b/changelog @@ -0,0 +1,388 @@ +monkeysphere (0.28~pre1) UNRELEASED; urgency=low + + * Major rework of monkeysphere-host to handle multiple host keys. We + also no longer assume ssh service keys. monkeysphere-host is now a + general-purpose host service OpenPGP key management UI. + * Rename keys-from-userid command to more accurate keys-for-userid + * separate upstream and debian changelogs + + -- Jameson Rollins Sat, 16 Jan 2010 12:21:34 -0500 + +monkeysphere (0.27) unstable; urgency=low + + * fixed monkeysphere gen-subkey subcommand that was erroneously creating + DSA subkeys due to unannounced change in gpg edit-key UI. Now tests + for gpg version (closes MS #1536) + * add new monkeysphere keys-from-userid subcommand to output all + acceptable keys for a given user ID literal + + -- Jameson Rollins Mon, 11 Jan 2010 20:54:21 -0500 + +monkeysphere (0.26) unstable; urgency=low + + * add 'refresh-keys' subcommand to monkeysphere-authentication + * improve marginal UI (closes MS #1141) + * add MONKEYSPHERE_STRICT_MODES configuration to avoid + permission-checking (closes MS #649) + * test scripts use STRICT_MODES to avoid failure when built under /tmp + * do permissions checks with a perl script instead of non-portable + readlink GNUisms + * bail on permissions check if we hit the home directory (helpful on Mac + OS and other systems with loose /home or /Users (closes MS #675) + + -- Jameson Graef Rollins Sat, 01 Aug 2009 17:11:05 -0400 + +monkeysphere (0.25) unstable; urgency=low + + * New upstream release: + * update/fix the marginal ui output + * use msmktempdir everywhere (avoid unwrapped calls to mktemp for + portability) + * clean out some redundant "cat"s + * fix monkeysphere update-known_hosts for sshd running on non-standard + ports + * add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key + * pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1 + (changes dependency to libdigest-sha-perl) + * some portability improvements + * properly handle translation of keys with fingerprints with leading + all-zero bytes. + * resolve symlinks when checking paths (thanks Silvio Rhatto) + (closes MS #917) + * explicitly set and use MONKEYSPHERE_GROUP from system "groups" + * monkeysphere-host now uses keytrans to add and revoke hostname + (closes MS #422) + + -- Jameson Graef Rollins Thu, 16 Jul 2009 22:09:19 -0400 + +monkeysphere (0.24) unstable; urgency=low + + * fixed how version information is stored/retrieved + * now uses perl-based keytrans for both pem2openpgp and openpgp2ssh + * no longer needs base64 in PATH + * added "test" make target + * improved transitions/0.23 script so it no longer fails in common + circumstances (Closes: #517779) + * RSA only: no longer handles DSA keys + * added ability to specify subkeys to add to ssh agent with new + MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable + + -- Jameson Graef Rollins Tue, 03 Mar 2009 19:38:33 -0500 + +monkeysphere (0.23) unstable; urgency=low + + "The Golden Bezoar Release" + + * rearchitect UI: + - replace monkeysphere-server with monkeysphere-{authentication,host} + - fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere + * new ability to import existing ssh host key into monkeysphere. So now + m-a import-key replaces m-s gen-key. + * provide pem2openpgp for translating unencrypted PEM-encoded raw key + material into OpenPGP keys (introduces new perl dependencies) + * get rid of getopts dependency + * added version output option + * better checks for the existence of a host private key for + monkeysphere-host subcommands that need it. + * better checks on validity of existing authentication subkeys when + doing monkeysphere gen_subkey. + * add transition infrastructure for major changes between releases (see + transitions/README.txt) + * implement and document two new monkeysphere-host subcommands: + revoke-key and add-revoker + + -- Daniel Kahn Gillmor Sat, 21 Feb 2009 17:51:06 -0500 + +monkeysphere (0.22) unstable; urgency=low + + [ Jameson Graef Rollins ] + * added info log output when a new key is added to known_hosts file. + * added some useful output to the ssh-proxycommand for "marginal" cases + where keys are found for host but do not have full validity. + * force ssh-keygen to read from stdin to get ssh key fingerprint. + + [ Daniel Kahn Gillmor ] + * automatically output two copies of the host's public key: one standard + ssh public key file, and the other a minimal OpenPGP key with just the + latest valid self-sig. + * debian/control: corrected alternate dependency from procfile to + procmail (which provides /usr/bin/lockfile) + + -- Jameson Graef Rollins Fri, 28 Nov 2008 14:23:31 -0500 + +monkeysphere (0.21) unstable; urgency=low + + * move debian packaging to packaging subdirectory. + + -- Jameson Graef Rollins Sat, 15 Nov 2008 16:14:27 -0500 + +monkeysphere (0.20) unstable; urgency=low + + [ Daniel Kahn Gillmor ] + * ensure that tempdirs are properly created, bail out otherwise instead + of stumbling ahead. + * minor fussing with the test script to make it cleaner. + + [ Jameson Graef Rollins ] + * clean up Makefile to generate more elegant source tarballs. + * make myself the maintainer. + + -- Jameson Graef Rollins Sat, 15 Nov 2008 13:12:57 -0500 + +monkeysphere (0.19) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * simulating an X11 session in the test script. + * updated packaging so that symlinks to config files are correct. + + -- Daniel Kahn Gillmor Wed, 29 Oct 2008 02:47:49 -0400 + +monkeysphere (0.18) experimental; urgency=low + + [ Jameson Graef Rollins ] + * Fix bugs in authorized_{user_ids,keys} file permission checking. + * Add new monkeysphere tmpdir to enable atomic moves of authorized_keys + files. + * chown authorized_keys files to `whoami`, for compatibility with test + suite. + * major improvements to test suite, added more tests. + + [ Daniel Kahn Gillmor ] + * update make install to ensure placement of + /etc/monkeysphere/gnupg-{host,authentication}.conf + * choose either --quick-random or --debug-quick-random depending on + which gpg supports for the test suite. + + -- Daniel Kahn Gillmor Wed, 29 Oct 2008 00:41:38 -0400 + +monkeysphere (0.17) experimental; urgency=low + + [ Jameson Graef Rollins ] + * Fix some bugs in, and cleanup, authorized_keys file creation in + monkeysphere-server update-users. + * Move to using the empty string for not adding a user-controlled + authorized_keys file in the RAW_AUTHORIZED_KEYS variable. + + -- Daniel Kahn Gillmor Tue, 28 Oct 2008 02:04:22 -0400 + +monkeysphere (0.16) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * replaced "#!/bin/bash" with "#!/usr/bin/env bash" for better + portability. + * fixed busted lockfile arrangement, where empty file was being locked + * portability fixes in the way we use date, mktemp, hostname, su + * stop using /usr/bin/stat, since the syntax appears to be totally + unportable + * require GNU getopt, and test for getopt failures (look for getopt in + /usr/local/bin first, since that's where FreeBSD's GNU-compatible + getopt lives. + * monkeysphere-server diagnostics now counts problems and suggests a + re-run after they have been resolved. + * completed basic test suite: this can be run from the git sources or + the tarball with: cd tests && ./basic + + [ Jameson Graef Rollins ] + * Genericize fs location variables. + * break out gpg.conf files into SYSCONFIGDIR, and not auto-generated at + install. + + -- Daniel Kahn Gillmor Sun, 26 Oct 2008 03:06:18 -0400 + +monkeysphere (0.15) experimental; urgency=low + + * porting work and packaging simplification: clarifying makefiles, + pruning dependencies, etc. + * added tests to monkeysphere-server diagnostics + * moved monkeysphere(5) to section 7 of the manual + * now shipping TODO in /usr/share/doc/monkeysphere + + -- Daniel Kahn Gillmor Thu, 04 Sep 2008 19:08:40 -0400 + +monkeysphere (0.14) experimental; urgency=low + + * changing debian packaging back to format 1.0 so we get automatic + tarballs, and easier inclusion in other build networks. + * no other source changes. + + -- Daniel Kahn Gillmor Thu, 04 Sep 2008 13:03:35 -0400 + +monkeysphere (0.13) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * tweaks in /usr/bin/monkeysphere to handle odd secret keyrings. + * updated makefile to reflect the package building technique we've been + using for a month now. + + [ Jameson Graef Rollins ] + * move location of user config directory to ~/.monkeysphere. + + -- Daniel Kahn Gillmor Wed, 03 Sep 2008 17:26:10 -0400 + +monkeysphere (0.12) experimental; urgency=low + + [ Jameson Graef Rollins ] + * Improved output handling. New LOG_LEVEL variable. + + [ Daniel Kahn Gillmor ] + * debian/control: switched Homepage: and Vcs-Git: to canonicalized + upstream hostnames. + * updated documentation for new release. + * changed my associated e-mail address for this package. + + -- Daniel Kahn Gillmor Tue, 02 Sep 2008 18:54:29 -0400 + +monkeysphere (0.11) experimental; urgency=low + + [ Jameson Graef Rollins ] + * fix bug in trustdb update on add/revoke-hostname. + + [ Daniel Kahn Gillmor ] + * debian/control: added Build-Depends: git-core for the new packaging + format + * new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched + GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly + if not found). + + -- Daniel Kahn Gillmor Wed, 20 Aug 2008 11:24:35 -0400 + +monkeysphere (0.10) experimental; urgency=low + + [ Jameson Graef Rollins ] + * brown paper bag release: invert test on calculated validity of keys. + + -- Daniel Kahn Gillmor Mon, 18 Aug 2008 16:22:34 -0400 + +monkeysphere (0.9) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * implemented "monkeysphere-server extend-key" to adjust expiration + date of host key. + * removed "monkeysphere-server fingerprint". Use "monkeysphere-server + show-key" instead. + + [ Jameson Graef Rollins ] + * fixed bug in user id processing that prevented bad primary keys from + being properly removed. + + -- Daniel Kahn Gillmor Mon, 18 Aug 2008 15:42:12 -0400 + +monkeysphere (0.8) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * debian/control: switched Vcs-Git to use "centralized" git repo instead + of my own. + * More monkeysphere-server diagnostics + * monkeysphere --gen-subkey now guesses what KeyID you meant. + * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey + works sensibly under X11 + + [ Jameson Graef Rollins ] + * fix another bug when known_hosts files are missing. + * sort processed keys so that "good" keys are processed after "bad" + keys. This will prevent malicious bad keys from causing good keys to + be removed from key files. + * enabled host key publication. + * added checking of gpg.conf for keyserver + * new functions to add/revoke host key user IDs + * improved list-certifiers function (now non-privileged) + + -- Daniel Kahn Gillmor Mon, 18 Aug 2008 12:43:37 -0400 + +monkeysphere (0.7) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * Added monkeysphere-server diagnostics subcommand. + * rebuilding package using Format: 3.0 (git) + + [ Jameson Graef Rollins ] + * fix how check for file modification is done. + * rework out user id processing is done to provide more verbose log + output. + * fix bug in monkeysphpere update-authorized_keys subcommand where + disallowed keys failed to be remove from authorized_keys file. + + -- Daniel Kahn Gillmor Mon, 04 Aug 2008 10:47:41 -0400 + +monkeysphere (0.6) experimental; urgency=low + + [ Jameson Graef Rollins ] + * Fix bug in return on error of ssh-proxycommand. + + [ Daniel Kahn Gillmor ] + * try socat if netcat is not available in proxycommand. + + -- Daniel Kahn Gillmor Tue, 29 Jul 2008 10:27:20 -0400 + +monkeysphere (0.5) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * updated READMEs to match current state of code + + [ Jameson Graef Rollins ] + * Tweak how empty authorized_user_ids and known_hosts files are handled. + * Do not fail when authorized_user_ids or known_hosts file is not found. + + -- Daniel Kahn Gillmor Mon, 28 Jul 2008 10:50:02 -0400 + +monkeysphere (0.4) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * New version. + * Fixed return code error in openpgp2ssh + + [ Jameson Graef Rollins ] + * Privilege separation: use monkeysphere user to handle maintenance of + the gnupg authentication keychain for server. + * Improved certifier key management. + * Fixed variable scoping and config file precedence. + * Add options for key generation and add-certifier functions. + * Fix return codes for known_host and authorized_keys updating + functions. + * Add write permission check on authorized_keys, known_hosts, and + authorized_user_ids files. + + -- Daniel Kahn Gillmor Tue, 22 Jul 2008 21:50:17 -0400 + +monkeysphere (0.3) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * new version. + + [ Jameson Graef Rollins ] + * Move files in /var/cache/monkeysphere and GNUPGHOME for server to + the more appropriate /var/lib/monkeysphere. + + -- Daniel Kahn Gillmor Tue, 24 Jun 2008 00:55:29 -0400 + +monkeysphere (0.2) experimental; urgency=low + + * added lockfile-progs dependency + + -- Daniel Kahn Gillmor Mon, 23 Jun 2008 19:34:05 -0400 + +monkeysphere (0.2) experimental; urgency=low + + [ Daniel Kahn Gillmor ] + * openpgp2ssh now supports specifying keys by full fingerprint. + + [ Jameson Graef Rollins ] + * Add AUTHORIZED_USER_IDS config variable for server, which defaults to + %h/.config/monkeysphere/authorized_user_ids, instead of + /etc/monkeysphere/authorized_user_ids. + * Remove {update,remove}-userids functions, since we decided they + weren't useful enough to be worth maintaining. + * Better handling of unknown users in server update-users + * Add file locking when modifying known_hosts or authorized_keys + * Better failure/prompting for gen-subkey + * Add ability to set any owner trust level for keys in server keychain. + + -- Daniel Kahn Gillmor Mon, 23 Jun 2008 17:03:19 -0400 + +monkeysphere (0.1) experimental; urgency=low + + * First release of debian package for monkeysphere. + * This is experimental -- please report bugs! + + -- Daniel Kahn Gillmor Thu, 19 Jun 2008 00:34:53 -0400 + diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index c5296ec..e725aa5 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -13,7 +13,9 @@ monkeysphere - Monkeysphere client user interface \fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust for OpenSSH and TLS key-based authentication. OpenPGP keys are tracked via GnuPG, and added to the authorized_keys and known_hosts -files used by OpenSSH for connection authentication. +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. \fBmonkeysphere\fP is the Monkeysphere client utility. diff --git a/man/man7/monkeysphere.7 b/man/man7/monkeysphere.7 index f5a2371..775826e 100644 --- a/man/man7/monkeysphere.7 +++ b/man/man7/monkeysphere.7 @@ -7,10 +7,12 @@ Trust .SH DESCRIPTION -\fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust -for ssh authentication. OpenPGP keys are tracked via GnuPG, and added -to the authorized_keys and known_hosts files used by ssh for -connection authentication. +\fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust +for OpenSSH and TLS key-based authentication. OpenPGP keys are +tracked via GnuPG, and added to the authorized_keys and known_hosts +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. .SH IDENTITY CERTIFIERS @@ -44,10 +46,9 @@ address in the User ID). .SH KEY ACCEPTABILITY -During known_host and authorized_keys updates, the monkeysphere -commands work from a set of user IDs to determine acceptable keys for -ssh authentication. OpenPGP keys are considered acceptable if the -following criteria are met: +The monkeysphere commands work from a set of user IDs to determine +acceptable keys for ssh and TLS authentication. OpenPGP keys are +considered acceptable if the following criteria are met: .TP .B capability The key must have the `authentication' (`a') usage flag set. @@ -61,8 +62,15 @@ The relevant user ID must be signed by a trusted identity certifier. .SH HOST IDENTIFICATION -The OpenPGP keys for hosts have associated user IDs that use the ssh -URI specification for the host, i.e. `ssh://host.full.domain[:port]'. +The OpenPGP keys for hosts have associated `service names` (OpenPGP +user IDs) that are based on URI specifications for the service. Some +examples: +.TP +.B ssh: +ssh://host.full.domain[:port] +.TP +.B https: +https://host.full.domain[:port] .SH AUTHOR diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8 index 2a670a1..3a7b629 100644 --- a/man/man8/monkeysphere-host.8 +++ b/man/man8/monkeysphere-host.8 @@ -37,12 +37,12 @@ added to the user ID, which means the default port for that service (e.g. 22 for ssh) is assumed. `i' may be used in place of `import\-key'. .TP -.B show\-key [KEYID ...] +.B show\-keys [KEYID ...] Output information about the OpenPGP certificate(s) for services offered by the host, including their KEYIDs. If no KEYID is specified (or if the special string `--all' is used), output information about all certificates managed by \fBmonkeysphere\-host\fP. `s' may be used -in place of `show\-key'. +in place of `show\-keys'. .TP .B set\-expire EXPIRE [KEYID] Extend the validity of the OpenPGP certificate specified until EXPIRE @@ -62,11 +62,11 @@ Add a service-specific user ID to the specified certificate. For example, the operator of `https://example.net' may wish to add an additional servicename of `https://www.example.net' to the certificate corresponding to the secret key used by the TLS-enabled web server. -`n+' may be used in place of `add\-hostname'. +`add-name' or `n+' may be used in place of `add\-hostname'. .TP .B revoke\-servicename SCHEME://HOSTNAME[:PORT] [KEYID] Revoke a service-specific user ID from the specified certificate. -`n\-' may be used in place of `revoke\-hostname'. +`revoke-name' or `n\-' may be used in place of `revoke\-hostname'. .TP .B add\-revoker REVOKER_KEYID|FILE [KEYID] Add a revoker to the specified OpenPGP certificate. The revoker can @@ -87,11 +87,11 @@ tell it to publish the revocation certificate immediately, it will send it to the public keyservers. PUBLISH THESE CERTIFICATES ONLY IF YOU ARE SURE THE CORRESPONDING KEY WILL NEVER BE RE-USED! .TP -.B publish\-key [KEYID ...] +.B publish\-keys [KEYID ...] Publish the specified OpenPGP certificates to the public keyservers. If the special string `--all' is specified, all of the host's OpenPGP certificates will be published. `p' may be used in place of -`publish-key'. Note that there is no way to remove a key from the +`publish-keys'. NOTE: that there is no way to remove a key from the public keyservers once it is published! .TP .B version @@ -101,9 +101,6 @@ Show the monkeysphere version number. `v' may be used in place of .B help Output a brief usage summary. `h' or `?' may be used in place of `help'. - - -Other commands: .TP .B diagnostics Review the state of the monkeysphere server host key and report on @@ -216,12 +213,18 @@ If set to `false', never prompt the user for confirmation. (true) System monkeysphere\-host config file. .TP /var/lib/monkeysphere/host_keys.pub.gpg -A world-readable copy of all of the host's public keys in OpenPGP -format, including all relevant self-signatures. +A world-readable copy of the host's OpenPGP public keyring in +ASCII armored format. This includes the public key certificates, +including all relevant self-signatures, of all host keys and host key +revokers. +.TP +/var/lib/monkeysphere/host_keys.pub.fprs +A world-readable file containing the OpenPGP fingerprints of all host +keys, one per line. .TP /var/lib/monkeysphere/host/ A locked directory (readable only by the superuser) containing copies -of all imported secret keys. +of all imported secret keys (this is the host's GNUPGHOME directory). .SH AUTHOR @@ -233,8 +236,8 @@ Matthew Goins .SH SEE ALSO .BR monkeysphere (1), -.BR monkeysphere\-authentication (8), .BR monkeysphere (7), .BR gpg (1), +.BR monkeysphere\-authentication (8), .BR ssh (1), .BR sshd (8) diff --git a/packaging/debian/changelog b/packaging/debian/changelog index df9db80..7180544 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,21 +1,13 @@ -monkeysphere (0.28-1~pre1) UNRELEASED; urgency=low +monkeysphere (0.28~pre1-1) UNRELEASED; urgency=low - * New upstream release: - - Major rework of monkeysphere-host to handle multiple host keys. We - also no longer assume ssh service keys. monkeysphere-host is now a - general-purpose host service OpenPGP key management UI. - - Rename keys-from-userid command to more accurate keys-for-userid + * New upstream release + * Separate upstream and debian changelogs - -- Jameson Rollins Sat, 16 Jan 2010 11:56:45 -0500 + -- Jameson Rollins Sat, 16 Jan 2010 12:27:04 -0500 monkeysphere (0.27-1) unstable; urgency=low - * New upstream release: - - fixed monkeysphere gen-subkey subcommand that was erroneously - creating DSA subkeys due to unannounced change in gpg edit-key UI. - Now tests for gpg version (closes MS #1536) - - add new monkeysphere keys-from-userid subcommand to output all - acceptable keys for a given user ID literal + * New upstream release * updated debian/copyright to match the latest revision of DEP5. * updated standards version to 3.8.3 (no changes needed) * add cpio to Build-Depends (used in test suite) (Closes: #562444) @@ -24,57 +16,20 @@ monkeysphere (0.27-1) unstable; urgency=low monkeysphere (0.26-1) unstable; urgency=low - * New upstream release: - - add 'refresh-keys' subcommand to monkeysphere-authentication - - improve marginal UI (closes MS #1141) - - add MONKEYSPHERE_STRICT_MODES configuration to avoid - permission-checking (closes MS #649) - - test scripts use STRICT_MODES to avoid failure when built under /tmp - (Closes: #527765) - - do permissions checks with a perl script instead of non-portable - readlink GNUisms - - bail on permissions check if we hit the home directory (helpful on - Mac OS and other systems with loose /home or /Users (closes MS #675) + * New upstream release (Closes: #527765) -- Jameson Graef Rollins Sat, 01 Aug 2009 17:11:05 -0400 monkeysphere (0.25-1) unstable; urgency=low - * New upstream release: - - update/fix the marginal ui output - - use msmktempdir everywhere (avoid unwrapped calls to mktemp for - portability) - - clean out some redundant "cat"s - - fix monkeysphere update-known_hosts for sshd running on non-standard - ports - - add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key - - pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1 - (changes dependency to libdigest-sha-perl) - - some portability improvements - - properly handle translation of keys with fingerprints with leading - all-zero bytes. - - resolve symlinks when checking paths (thanks Silvio Rhatto) - (closes MS #917) - - explicitly set and use MONKEYSPHERE_GROUP from system "groups" - (closes: #534008) - - monkeysphere-host now uses keytrans to add and revoke hostname - (closes MS #422) + * New upstream release (closes: #534008) * update Standard-Version to 3.8.2 (no changes needed) -- Jameson Graef Rollins Thu, 16 Jul 2009 22:09:19 -0400 monkeysphere (0.24-1) unstable; urgency=low - * New upstream release: - - fixed how version information is stored/retrieved - - now uses perl-based keytrans for both pem2openpgp and openpgp2ssh - - no longer needs base64 in PATH - - added "test" make target - - improved transitions/0.23 script so it no longer fails in common - circumstances (Closes: #517779) - - RSA only: no longer handles DSA keys - - added ability to specify subkeys to add to ssh agent with - new MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable + * New upstream release (Closes: #517779) * update/cleanup maintainer scripts * remove GnuTLS dependency * remove versioned coreutils | base64 dependency @@ -86,53 +41,20 @@ monkeysphere (0.24-1) unstable; urgency=low monkeysphere (0.23.1-1) unstable; urgency=low - * New Upstrem "Brown Paper Bag" Release: - - adjusts internal version numbers + * New upstrem release ("brown paper bag" to adjust internal version numbers) -- Daniel Kahn Gillmor Sat, 21 Feb 2009 18:09:47 -0500 monkeysphere (0.23-1) unstable; urgency=low - "The Golden Bezoar Release" - - * New upstream release. - * rearchitect UI: - - replace monkeysphere-server with monkeysphere-{authentication,host} - - fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere - - * new ability to import existing ssh host key into monkeysphere. So now - m-a import-key replaces m-s gen-key. - * provide pem2openpgp for translating unencrypted PEM-encoded raw key - material into OpenPGP keys (introduces new perl dependencies) - * get rid of getopts dependency - * added version output option - * better checks for the existence of a host private key for - monkeysphere-host subcommands that need it. - * better checks on validity of existing authentication subkeys when - doing monkeysphere gen_subkey. - * add transition infrastructure for major changes between releases (see - transitions/README.txt) - * implement and document two new monkeysphere-host subcommands: - revoke-key and add-revoker + * New upstream release: "The Golden Bezoar Release" -- Daniel Kahn Gillmor Sat, 21 Feb 2009 17:51:06 -0500 monkeysphere (0.22-1) unstable; urgency=low - * New upstream release: - [ Jameson Graef Rollins ] - - - added info log output when a new key is added to known_hosts file. - - added some useful output to the ssh-proxycommand for "marginal" - cases where keys are found for host but do not have full validity. - - force ssh-keygen to read from stdin to get ssh key fingerprint. - - [ Daniel Kahn Gillmor ] - - - automatically output two copies of the host's public key: one - standard ssh public key file, and the other a minimal OpenPGP key with - just the latest valid self-sig. - - debian/control: corrected alternate dependency from procfile to + * New upstream release + * debian/control: corrected alternate dependency from procfile to procmail (which provides /usr/bin/lockfile) -- Jameson Graef Rollins Fri, 28 Nov 2008 14:23:31 -0500 @@ -145,281 +67,8 @@ monkeysphere (0.21-2) unstable; urgency=low monkeysphere (0.21-1) unstable; urgency=low - * New upstream release: - - move debian packaging to packaging subdirectory. + * New upstream initial release to Debian (Closes: #505806) * Add debian prerm script, and add debhelper lines to other install scripts. - * Initial release to Debian (Closes: #505806) -- Jameson Graef Rollins Sat, 15 Nov 2008 16:14:27 -0500 - -monkeysphere (0.20-1) unstable; urgency=low - - [ Daniel Kahn Gillmor ] - * ensure that tempdirs are properly created, bail out otherwise instead - of stumbling ahead. - * minor fussing with the test script to make it cleaner. - - [ Jameson Graef Rollins ] - * clean up Makefile to generate more elegant source tarballs. - * make myself the maintainer. - - -- Jameson Graef Rollins Sat, 15 Nov 2008 13:12:57 -0500 - -monkeysphere (0.19-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * simulating an X11 session in the test script. - * updated packaging so that symlinks to config files are correct. - - -- Daniel Kahn Gillmor Wed, 29 Oct 2008 02:47:49 -0400 - -monkeysphere (0.18-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * Fix bugs in authorized_{user_ids,keys} file permission checking. - * Add new monkeysphere tmpdir to enable atomic moves of authorized_keys - files. - * chown authorized_keys files to `whoami`, for compatibility with test - suite. - * major improvements to test suite, added more tests. - - [ Daniel Kahn Gillmor ] - * update make install to ensure placement of - /etc/monkeysphere/gnupg-{host,authentication}.conf - * choose either --quick-random or --debug-quick-random depending on - which gpg supports for the test suite. - - -- Daniel Kahn Gillmor Wed, 29 Oct 2008 00:41:38 -0400 - -monkeysphere (0.17-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * Fix some bugs in, and cleanup, authorized_keys file creation in - monkeysphere-server update-users. - * Move to using the empty string for not adding a user-controlled - authorized_keys file in the RAW_AUTHORIZED_KEYS variable. - - -- Daniel Kahn Gillmor Tue, 28 Oct 2008 02:04:22 -0400 - -monkeysphere (0.16-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * replaced "#!/bin/bash" with "#!/usr/bin/env bash" for better - portability. - * fixed busted lockfile arrangement, where empty file was being locked - * portability fixes in the way we use date, mktemp, hostname, su - * stop using /usr/bin/stat, since the syntax appears to be totally - unportable - * require GNU getopt, and test for getopt failures (look for getopt in - /usr/local/bin first, since that's where FreeBSD's GNU-compatible - getopt lives. - * monkeysphere-server diagnostics now counts problems and suggests a - re-run after they have been resolved. - * completed basic test suite: this can be run from the git sources or - the tarball with: cd tests && ./basic - - [ Jameson Graef Rollins ] - * Genericize fs location variables. - * break out gpg.conf files into SYSCONFIGDIR, and not auto-generated at - install. - - -- Daniel Kahn Gillmor Sun, 26 Oct 2008 03:06:18 -0400 - -monkeysphere (0.15-1) experimental; urgency=low - - * porting work and packaging simplification: clarifying makefiles, - pruning dependencies, etc. - * added tests to monkeysphere-server diagnostics - * moved monkeysphere(5) to section 7 of the manual - * now shipping TODO in /usr/share/doc/monkeysphere - - -- Daniel Kahn Gillmor Thu, 04 Sep 2008 19:08:40 -0400 - -monkeysphere (0.14-1) experimental; urgency=low - - * changing debian packaging back to format 1.0 so we get automatic - tarballs, and easier inclusion in other build networks. - * no other source changes. - - -- Daniel Kahn Gillmor Thu, 04 Sep 2008 13:03:35 -0400 - -monkeysphere (0.13-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * tweaks in /usr/bin/monkeysphere to handle odd secret keyrings. - * updated makefile to reflect the package building technique we've been - using for a month now. - - [ Jameson Graef Rollins ] - * move location of user config directory to ~/.monkeysphere. - - -- Daniel Kahn Gillmor Wed, 03 Sep 2008 17:26:10 -0400 - -monkeysphere (0.12-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * Improved output handling. New LOG_LEVEL variable. - - [ Daniel Kahn Gillmor ] - * debian/control: switched Homepage: and Vcs-Git: to canonicalized - upstream hostnames. - * updated documentation for new release. - * changed my associated e-mail address for this package. - - -- Daniel Kahn Gillmor Tue, 02 Sep 2008 18:54:29 -0400 - -monkeysphere (0.11-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * fix bug in trustdb update on add/revoke-hostname. - - [ Daniel Kahn Gillmor ] - * debian/control: added Build-Depends: git-core for the new packaging - format - * new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched - GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly - if not found). - - -- Daniel Kahn Gillmor Wed, 20 Aug 2008 11:24:35 -0400 - -monkeysphere (0.10-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * brown paper bag release: invert test on calculated validity of keys. - - -- Daniel Kahn Gillmor Mon, 18 Aug 2008 16:22:34 -0400 - -monkeysphere (0.9-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * implemented "monkeysphere-server extend-key" to adjust expiration - date of host key. - * removed "monkeysphere-server fingerprint". Use "monkeysphere-server - show-key" instead. - - [ Jameson Graef Rollins ] - * fixed bug in user id processing that prevented bad primary keys from - being properly removed. - - -- Daniel Kahn Gillmor Mon, 18 Aug 2008 15:42:12 -0400 - -monkeysphere (0.8-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * debian/control: switched Vcs-Git to use "centralized" git repo instead - of my own. - * More monkeysphere-server diagnostics - * monkeysphere --gen-subkey now guesses what KeyID you meant. - * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey - works sensibly under X11 - - [ Jameson Graef Rollins ] - * fix another bug when known_hosts files are missing. - * sort processed keys so that "good" keys are processed after "bad" - keys. This will prevent malicious bad keys from causing good keys to - be removed from key files. - * enabled host key publication. - * added checking of gpg.conf for keyserver - * new functions to add/revoke host key user IDs - * improved list-certifiers function (now non-privileged) - - -- Daniel Kahn Gillmor Mon, 18 Aug 2008 12:43:37 -0400 - -monkeysphere (0.7-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * Added monkeysphere-server diagnostics subcommand. - * rebuilding package using Format: 3.0 (git) - - [ Jameson Graef Rollins ] - * fix how check for file modification is done. - * rework out user id processing is done to provide more verbose log - output. - * fix bug in monkeysphpere update-authorized_keys subcommand where - disallowed keys failed to be remove from authorized_keys file. - - -- Daniel Kahn Gillmor Mon, 04 Aug 2008 10:47:41 -0400 - -monkeysphere (0.6-1) experimental; urgency=low - - [ Jameson Graef Rollins ] - * Fix bug in return on error of ssh-proxycommand. - - [ Daniel Kahn Gillmor ] - * try socat if netcat is not available in proxycommand. - - -- Daniel Kahn Gillmor Tue, 29 Jul 2008 10:27:20 -0400 - -monkeysphere (0.5-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * updated READMEs to match current state of code - - [ Jameson Graef Rollins ] - * Tweak how empty authorized_user_ids and known_hosts files are handled. - * Do not fail when authorized_user_ids or known_hosts file is not found. - - -- Daniel Kahn Gillmor Mon, 28 Jul 2008 10:50:02 -0400 - -monkeysphere (0.4-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * New version. - * Fixed return code error in openpgp2ssh - - [ Jameson Graef Rollins ] - * Privilege separation: use monkeysphere user to handle maintenance of - the gnupg authentication keychain for server. - * Improved certifier key management. - * Fixed variable scoping and config file precedence. - * Add options for key generation and add-certifier functions. - * Fix return codes for known_host and authorized_keys updating - functions. - * Add write permission check on authorized_keys, known_hosts, and - authorized_user_ids files. - - -- Daniel Kahn Gillmor Tue, 22 Jul 2008 21:50:17 -0400 - -monkeysphere (0.3-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * new version. - - [ Jameson Graef Rollins ] - * Move files in /var/cache/monkeysphere and GNUPGHOME for server to - the more appropriate /var/lib/monkeysphere. - - -- Daniel Kahn Gillmor Tue, 24 Jun 2008 00:55:29 -0400 - -monkeysphere (0.2-2) experimental; urgency=low - - * added lockfile-progs dependency - - -- Daniel Kahn Gillmor Mon, 23 Jun 2008 19:34:05 -0400 - -monkeysphere (0.2-1) experimental; urgency=low - - [ Daniel Kahn Gillmor ] - * openpgp2ssh now supports specifying keys by full fingerprint. - - [ Jameson Graef Rollins ] - * Add AUTHORIZED_USER_IDS config variable for server, which defaults to - %h/.config/monkeysphere/authorized_user_ids, instead of - /etc/monkeysphere/authorized_user_ids. - * Remove {update,remove}-userids functions, since we decided they - weren't useful enough to be worth maintaining. - * Better handling of unknown users in server update-users - * Add file locking when modifying known_hosts or authorized_keys - * Better failure/prompting for gen-subkey - * Add ability to set any owner trust level for keys in server keychain. - - -- Daniel Kahn Gillmor Mon, 23 Jun 2008 17:03:19 -0400 - -monkeysphere (0.1-1) experimental; urgency=low - - * First release of debian package for monkeysphere. - * This is experimental -- please report bugs! - - -- Daniel Kahn Gillmor Thu, 19 Jun 2008 00:34:53 -0400 - diff --git a/packaging/debian/control b/packaging/debian/control index d70d023..213a885 100644 --- a/packaging/debian/control +++ b/packaging/debian/control @@ -14,10 +14,13 @@ Architecture: all Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha-perl, lockfile-progs | procmail, adduser, ${misc:Depends} Recommends: netcat | socat, ssh-askpass, cron Enhances: openssh-client, openssh-server -Description: use the OpenPGP web of trust to verify ssh connections +Description: leverage the OpenPGP web of trust for OpenSSH and TLS authentication SSH key-based authentication is tried-and-true, but it lacks a true Public Key Infrastructure for key certification, revocation and expiration. Monkeysphere is a framework that uses the OpenPGP web of trust for these PKI functions. It can be used in both directions: for users to get validated host keys, and for hosts to authenticate users. + . + Monkeysphere can also be used by a monkeysphere validation agent to + validate TLS connections on the web. diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 903e333..8452e6c 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -138,12 +138,13 @@ Please run 'monkeysphere-host import-key' to import a key." ;; *) if [ -z "$keyID" ] ; then - failure "Keyring contains multiple keys. Please specify one to act on (see 'monkeysphere-host show-key')." + failure "Your host keyring contains multiple keys. +Please specify one to act on (see 'monkeysphere-host show-key')." fi ;; esac printf '%s\n' "${fprs[@]}" | grep "${keyID}$" \ - || failure "Key '$keyID' not found." + || failure "Host key '$keyID' not found." } # return 0 if user ID was found.