monkeysphere (0.8-1) UNRELEASED; urgency=low [ Daniel Kahn Gillmor ] * debian/control: switched Vcs-Git to use "centralized" git repo instead of my own. * More monkeysphere-server diagnostics * monkeysphere --gen-subkey now guesses what KeyID you meant. * set up host-key revocation * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey works [ Jameson Graef Rollins ] * fix another bug for when ssh key files are missing. * sort processed keys so that "good" keys are processed after "bad" keys. This will prevent malicious bad keys from causing good keys to be removed from key files. * enabled host key publication. * added checking of gpg.conf for keyserver -- Daniel Kahn Gillmor Fri, 15 Aug 2008 16:06:31 -0400 monkeysphere (0.7-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * Added monkeysphere-server diagnostics subcommand. * rebuilding package using Format: 3.0 (git) [ Jameson Graef Rollins ] * fix how check for file modification is done. * rework out user id processing is done to provide more verbose log output. * fix bug in monkeysphpere update-authorized_keys subcommand where disallowed keys failed to be remove from authorized_keys file. -- Daniel Kahn Gillmor Mon, 04 Aug 2008 10:47:41 -0400 monkeysphere (0.6-1) experimental; urgency=low [ Jameson Graef Rollins ] * Fix bug in return on error of ssh-proxycommand. [ Daniel Kahn Gillmor ] * try socat if netcat is not available in proxycommand. -- Daniel Kahn Gillmor Tue, 29 Jul 2008 10:27:20 -0400 monkeysphere (0.5-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * updated READMEs to match current state of code [ Jameson Graef Rollins ] * Tweak how empty authorized_user_ids and known_hosts files are handled. * Do not fail when authorized_user_ids or known_hosts file is not found. -- Daniel Kahn Gillmor Mon, 28 Jul 2008 10:50:02 -0400 monkeysphere (0.4-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * New version. * Fixed return code error in openpgp2ssh [ Jameson Graef Rollins ] * Privilege separation: use monkeysphere user to handle maintenance of the gnupg authentication keychain for server. * Improved certifier key management. * Fixed variable scoping and config file precedence. * Add options for key generation and add-certifier functions. * Fix return codes for known_host and authorized_keys updating functions. * Add write permission check on authorized_keys, known_hosts, and authorized_user_ids files. -- Daniel Kahn Gillmor Tue, 22 Jul 2008 21:50:17 -0400 monkeysphere (0.3-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * new version. [ Jameson Graef Rollins ] * Move files in /var/cache/monkeysphere and GNUPGHOME for server to the more appropriate /var/lib/monkeysphere. -- Daniel Kahn Gillmor Tue, 24 Jun 2008 00:55:29 -0400 monkeysphere (0.2-2) experimental; urgency=low * added lockfile-progs dependency -- Daniel Kahn Gillmor Mon, 23 Jun 2008 19:34:05 -0400 monkeysphere (0.2-1) experimental; urgency=low [ Daniel Kahn Gillmor ] * openpgp2ssh now supports specifying keys by full fingerprint. [ Jameson Graef Rollins ] * Add AUTHORIZED_USER_IDS config variable for server, which defaults to %h/.config/monkeysphere/authorized_user_ids, instead of /etc/monkeysphere/authorized_user_ids. * Remove {update,remove}-userids functions, since we decided they weren't useful enough to be worth maintaining. * Better handling of unknown users in server update-users * Add file locking when modifying known_hosts or authorized_keys * Better failure/prompting for gen-subkey * Add ability to set any owner trust level for keys in server keychain. -- Daniel Kahn Gillmor Mon, 23 Jun 2008 17:03:19 -0400 monkeysphere (0.1-1) experimental; urgency=low * First release of debian package for monkeysphere. * This is experimental -- please report bugs! -- Daniel Kahn Gillmor Thu, 19 Jun 2008 00:34:53 -0400