From 4eba4e7e66fc7febb1e7255a649f6b6ad240d653 Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Sun, 25 May 2008 15:59:54 -0400
Subject: [PATCH] expand howler to handle general gpg maintenence tasks for
 server - add "gen-key", "publish-key", and "trust-uids" functions small tweak
 to rhesus. update README and MonkeySpec

---
 doc/MonkeySpec |   5 +-
 doc/README     |  50 ++++++++++++++++---
 howler/howler  | 130 ++++++++++++++++++++++++++++++++++---------------
 rhesus/rhesus  |   8 +--
 4 files changed, 140 insertions(+), 53 deletions(-)

diff --git a/doc/MonkeySpec b/doc/MonkeySpec
index 45d6cf6..3b565db 100644
--- a/doc/MonkeySpec
+++ b/doc/MonkeySpec
@@ -38,7 +38,10 @@ common components
 
 server-side components
 ----------------------
-* "howler": service gpg key generator/publisher
+* "howler": server gpg maintainer
+  - generates gpg keys for the server
+  - publishes server gpg keys
+  - used to specify userids to trust for user authentication
 
 * "tamarin": script to trigger rhesus during attempt to initiate
   connection from client
diff --git a/doc/README b/doc/README
index 9dc8753..9034519 100644
--- a/doc/README
+++ b/doc/README
@@ -1,19 +1,22 @@
 Monkeysphere README
--------------------
+===================
 
-Default file locations:
+Default files locations (by variable):
 
 MS_HOME=~/.config/monkeysphere
-STAGING_AREA=$MS_HOME
+MS_CONF=$MS_HOME/monkeysphere.conf
+AUTH_HOST_FILE=$MS_HOME/auth_host_ids
+AUTH_USER_FILE=$MS_HOME/auth_user_ids
 GNUPGHOME=~/.gnupg
-$MS_HOME/monkeysphere.conf
-$MS_HOME/auth_host_ids
-$MS_HOME/auth_user_ids
+STAGING_AREA=$MS_HOME
+
 $STAGING_AREA/host_keys/KEYHASH
 $STAGING_AREA/known_hosts
 $STAGING_AREA/user_keys/KEYHASH
 $STAGING_AREA/authorized_keys
 
+user usage
+----------
 For a user to update their ms known_hosts file:
 
 $ rhesus --known_hosts
@@ -22,6 +25,23 @@ For a user to update their ms authorized_keys file:
 
 $ rhesus --authorized_keys
 
+server service publication
+--------------------------
+To publish a server host key use the "howler" component:
+
+# howler gen-key
+# howler publish-key
+
+This will generate the key for server with the service URI
+(ssh://server.hostname).  The server admin should now sign the server
+key so that people in the admin's web of trust can authenticate the
+server without manual host key checking:
+
+$ gpg --search ='ssh://server.hostname'
+$ gpg --sign-key 'ssh://server.hostname'
+
+server authorized_keys maintenance
+----------------------------------
 A system can maintain ms authorized_keys files for it's users.  Some
 different variables need to be defined to help manage this.  The way
 this is done is by first defining a new MS_HOME:
@@ -35,10 +55,24 @@ AUTH_USER_FILE="$MS_HOME"/auth_user_ids/"$USER"
 STAGING_AREA=/var/lib/monkeysphere/stage/$USER
 GNUPGHOME=$MS_HOME/gnupg
 
-To update the ms authorized_keys file for user "foo", the system would
+For each user account on the server, the userids of people authorized
+to log into that account would be placed in the AUTH_USER_FILE for
+that user.  However, in order for users to become authenticated, the
+server must determine that the user keys have "full" validity.  This
+means that the server must fully trust at least one person whose
+signature on the connecting users key would validate the user.  This
+would generally be the server admin.  If the server admin's userid is
+
+"Alice <alice@foo.com>"
+
+then the server would run:
+
+# howler trust-uids "Alice <alice@foo.com>"
+
+To update the ms authorized_keys file for user "bob", the system would
 then run the following:
 
-# USER=foo MS_HOME=/etc/monkeysphere rhesus --authorized_keys
+# USER=bob MS_HOME=/etc/monkeysphere rhesus --authorized_keys
 
 To update the ms authorized_keys file for all users on the the system:
 
diff --git a/howler/howler b/howler/howler
index 7e33471..d0bb13d 100755
--- a/howler/howler
+++ b/howler/howler
@@ -1,78 +1,128 @@
 #!/bin/sh
 
-# howler: server gpg key generator/publisher
+# howler: monkeysphere server gpg generator/publisher/maintainer
 #
 # Written by
 # Jameson Rollins <jrollins@fifthhorseman.net>
 #
 # Copyright 2008, released under the GPL, version 3 or later
 
-CMD=$(basename $0)
+PGRM=$(basename $0)
 
 ########################################################################
 # FUNCTIONS
 ########################################################################
 
+usage() {
+cat <<EOF
+usage: $PGRM gen-key
+       $PGRM publish-key
+       $PGRM trust-uids USERID [USERID...]
+       $PGRM help
+EOF
+}
+
 failure() {
     echo "$1" >&2
     exit ${2:-'1'}
 }
 
-########################################################################
-# MAIN
-########################################################################
-
-MS_HOME=${MS_HOME:-/etc/monkeysphere}
-
-. "$MS_HOME"/monkeysphere.conf
-
-export GNUPGHOME
-
-KEY_TYPE=${KEY_TYPE:-RSA}
-KEY_LENGTH=${KEY_LENGTH:-2048}
-KEY_USAGE=${KEY_USAGE:-encrypt,auth}
-SERVICE=${SERVICE:-ssh}
-HOSTNAME=${HOSTNAME:-$(hostname -f)}
+# generate server gpg key
+gen_key() {
+    KEY_TYPE=${KEY_TYPE:-RSA}
+    KEY_LENGTH=${KEY_LENGTH:-2048}
+    KEY_USAGE=${KEY_USAGE:-encrypt,auth}
+    SERVICE=${SERVICE:-ssh}
+    HOSTNAME_FQDN=${HOSTNAME_FQDN:-$(hostname -f)}
 
-USERID=${USERID:-"$SERVICE"://"$HOSTNAME"}
+    USERID=${USERID:-"$SERVICE"://"$HOSTNAME_FQDN"}
 
-echo "key parameters:"
-cat <<EOF
+    echo "key parameters:"
+    cat <<EOF
 Key-Type: $KEY_TYPE
 Key-Length: $KEY_LENGTH
 Key-Usage: $KEY_USAGE
 Name-Real: $USERID
 EOF
 
-read -p "generate key? [Y|n]: " OK; OK=${OK:=Y}
-if [ ${OK/y/Y} != 'Y' ] ; then
-    failure "aborting."
-fi
+    read -p "generate key? [Y|n]: " OK; OK=${OK:=Y}
+    if [ ${OK/y/Y} != 'Y' ] ; then
+	failure "aborting."
+    fi
 
-if gpg --list-key ="$USERID" > /dev/null 2>&1 ; then
-    failure "key for '$USERID' already exists"
-fi
+    if gpg --list-key ="$USERID" > /dev/null 2>&1 ; then
+	failure "key for '$USERID' already exists"
+    fi
 
-echo "generating server key..."
-gpg --batch --gen-key <<EOF
+    echo "generating server key..."
+    gpg --batch --gen-key <<EOF
 Key-Type: $KEY_TYPE
 Key-Length: $KEY_LENGTH
 Key-Usage: $KEY_USAGE
 Name-Real: $USERID
 %commit
 EOF
+}
 
-read -p "publish key to $KEY_SERVER? [Y|n]: " OK; OK=${OK:=Y}
-if [ ${OK/y/Y} != 'Y' ] ; then
-    failure "aborting."
-fi
+publish_key() {
+    read -p "publish key to $KEYSERVER? [Y|n]: " OK; OK=${OK:=Y}
+    if [ ${OK/y/Y} != 'Y' ] ; then
+	failure "aborting."
+    fi
 
-echo "sending key to keyserver '$KEYSERVER'..."
-keyID=$(gpg --list-key --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5)
+    keyID=$(gpg --list-key --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5)
 
-# dummy command so as not to publish fakes keys during testing
-# eventually:
-#gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
-echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
+    # dummy command so as not to publish fakes keys during testing
+    # eventually:
+    #gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
+    echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
+}
 
-echo "done."
+# FIXME: need to figure out how to automate this, in a batch mode
+#  or something.
+trust_uids() {
+    for userID ; do
+	gpg --keyserver "$KEYSERVER" --search ="$userID"
+	gpg --edit-key "$userID"
+    done
+}
+
+########################################################################
+# MAIN
+########################################################################
+
+# set ms home directory
+MS_HOME=${MS_HOME:-/etc/monkeysphere}
+
+# load configuration file
+MS_CONF=${MS_CONF:-"$MS_HOME"/monkeysphere.conf}
+[ -e "$MS_CONF" ] && . "$MS_CONF"
+
+GNUPGHOME=${GNUPGHOME:-"$MS_HOME"/gnupg}
+export GNUPGHOME
+KEYSERVER=${KEYSERVER:-subkeys.pgp.net}
+export KEYSERVER
+
+COMMAND="$1"
+[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
+shift 1
+
+case $COMMAND in
+    'gen-key')
+	gen_key
+	;;
+    'publish-key')
+	publish_key
+	;;
+    'trust-uids')
+	trust_uids "$@"
+	;;
+    'help')
+        usage
+	exit
+        ;;
+    *)
+        failure "Unknown command: '$COMMAND'
+Type '$PGRM help' for usage."
+        ;;
+esac
diff --git a/rhesus/rhesus b/rhesus/rhesus
index dec24a2..7a43fca 100755
--- a/rhesus/rhesus
+++ b/rhesus/rhesus
@@ -7,7 +7,7 @@
 #
 # Copyright 2008, released under the GPL, version 3 or later
 
-CMD=$(basename $0)
+PGRM=$(basename $0)
 
 ########################################################################
 # FUNCTIONS
@@ -15,8 +15,8 @@ CMD=$(basename $0)
 
 usage() {
 cat <<EOF
-usage: $CMD k|known_hosts [userid...]
-       $CMD a|authorized_keys [userid...]
+usage: $PGRM k|known_hosts [userid...]
+       $PGRM a|authorized_keys [userid...]
 Monkeysphere update of known_hosts or authorized_keys file.
 If userids are specified, only specified userids will be processed
 (userids must be included in the appropriate auth_*_ids file).
@@ -228,7 +228,7 @@ fi
 # set user home directory
 HOME=$(getent passwd "$USER" | cut -d: -f6)
 
-# get ms home directory
+# set ms home directory
 MS_HOME=${MS_HOME:-"$HOME"/.config/monkeysphere}
 
 # load configuration file
-- 
2.25.1