# by the home directory of the user, and '%u' will by replaced by the
# username of the user. Setting this variable to 'none' prevents the
# inclusion of user controlled authorized_keys file.
-# RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys"
+#RAW_AUTHORIZED_KEYS="%h/.ssh/authorized_keys"
# MONKEYSPHERE_GNUPGHOME environment variable, then the value of the
# GNUPGHOME environment variable will be used. If GNUPGHOME is not
# set either, then the default value is listed below.
-# GNUPGHOME=~/.gnupg
+#GNUPGHOME=~/.gnupg
# GPG keyserver to search for keys.
#KEYSERVER=pool.sks-keyservers.net
\fBmonkeysphere-authentication\fP takes various subcommands.
.TP
.B setup
-Setup the server for Monkeysphere user authentication. `s' may be
-used in place of `setup'.
+Setup the server for Monkeysphere user authentication. This command
+is idempotent, which means it can be run multiple times to make sure
+the setup is correct, without adversely affecting existing setups.
+`s' may be used in place of `setup'.
.TP
.B update-users [ACCOUNT]...
Rebuild the monkeysphere-controlled authorized_keys files. For each
List key IDs trusted by the system to certify user identities. `c'
may be used in place of `list-id-certifiers'.
.TP
+.B diagnostics
+Review the state of the server with respect to authentication. `d'
+may be used in place of `diagnostics'.
+.TP
+.B gpg-cmd
+Execute a gpg command, as the monkeysphere user, on the monkeysphere
+authentication "sphere" keyring. This takes a single argument
+(multiple gpg arguments need to be quoted). Use this command with
+caution, as modifying the authentication sphere keyring can affect ssh
+user authentication.
+.TP
.B help
Output a brief usage summary. `h' or `?' may be used in place of
`help'.
.B version
show version number
-.SH "EXPERT" SUBCOMMANDS
-
-Some commands are very unlikely to be needed by most administrators.
-These commands must prefaced by the word `expert'.
-.TP
-.B diagnostics
-Review the state of the server with respect to authentication. `d'
-may be used in place of `diagnostics'.
-.TP
-.B gpg-cmd
-Execute a gpg command on the gnupg-authentication keyring as the
-monkeysphere user. This takes a single command (multiple gpg
-arguments need to be quoted). Use this command with caution, as
-modifying the gnupg-authentication keyring can affect ssh user
-authentication.
-
.SH SETUP USER AUTHENTICATION
If the server will handle user authentication through
Publish the host's OpenPGP key to the keyserver. `p' may be used in
place of `publish-key'.
.TP
-.B help
-Output a brief usage summary. `h' or `?' may be used in place of
-`help'.
-.TP
-.B version
-show version number
-
-.SH "EXPERT" SUBCOMMANDS
-
-Some commands are very unlikely to be needed by most administrators.
-These commands must prefaced by the word `expert'.
-.TP
-.B gen-key [HOSTNAME]
-Generate a OpenPGP key for the host. If HOSTNAME is not specified,
-then the system fully-qualified domain name will be user. An
-alternate key bit length can be specified with the `-l' or `--length'
-option (default 2048). An expiration length can be specified with the
-`-e' or `--expire' option (prompt otherwise). The expiration format
-is the same as that of \fBextend-key\fP, below. `g' may be used in
-place of `gen-key'.
-.TP
-.B import-key
-FIXME:
- import-key (i) import existing ssh key to gpg
- --hostname (-h) NAME[:PORT] hostname for key user ID
- --keyfile (-f) FILE key file to import
- --expire (-e) EXPIRE date to expire
+.B import-key [NAME[:PORT]]
+Import a pem-encoded ssh secret host key, from stdin. NAME[:PORT] is
+used to specify the hostname (and port) used in the user ID of the new
+OpenPGP key. If NAME is not specified, then the system
+fully-qualified domain name will be used (ie. `hostname -f'). If PORT
+is not specified, the no port is added to the user ID, which means
+port 22 is assumed. `i' may be used in place of `import-key'.
.TP
.B diagnostics
Review the state of the monkeysphere server host key and report on
there is a valid host key, that the key is published, that the sshd
configuration points to the right place, etc. `d' may be used in
place of `diagnostics'.
+.TP
+.B help
+Output a brief usage summary. `h' or `?' may be used in place of
+`help'.
+.TP
+.B version
+show version number
.SH SETUP HOST AUTHENTICATION
$ monkeysphere-host publish-key
-You must also modify the sshd_config on the server to tell sshd where
-the new server host key is located:
-
-HostKey /var/lib/monkeysphere/host/ssh_host_rsa_key
-
In order for users logging into the system to be able to identify the
host via the monkeysphere, at least one person (e.g. a server admin)
will need to sign the host's key. This is done using standard OpenPGP
- replace monkeysphere-server with monkeysphere-{authentication,host}
- fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere
+ * new ability to import existing ssh key into monkeysphere
* simplify adding a host to the monkeysphere, automate the process
during debian installation
* provide pem2openpgp for translating unencrypted PEM-encoded raw key
* check that existing authentication keys are valid in gen_key
function.
- -- Daniel Kahn Gillmor <dkg@pip.fifthhorseman.net> Sat, 31 Jan 2009 17:32:58 -0500
+ -- Jameson Graef Rollins <jrollins@finestructure.net> Thu, 12 Feb 2009 21:50:54 -0500
monkeysphere (0.22-1) unstable; urgency=low
# temp directory to enable atomic moves of authorized_keys files
MATMPDIR="${MADATADIR}/tmp"
-export MSTMPDIR
+export MATMPDIR
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
remove-id-certifier (c-) KEYID remove a certification key
list-id-certifiers (c) list certification keys
- expert <expert-subcommand> run expert command
- expert help expert command help
-
version (v) show version number
help (h,?) this help
+See ${PGRM}(8) for more info.
EOF
}
GNUPGHOME="$GNUPGHOME_CORE"
export GNUPGHOME
- # NOTE: we supress this warning because we need the monkeysphere
- # user to be able to read the host pubring. we realize this might
- # be problematic, but it's the simplest solution, without too much
- # loss of security.
gpg "$@"
}
# function to interact with the gpg sphere keyring
-# FIXME: this function requires basically accepts only a single
-# argument because of problems with quote expansion. this needs to be
-# fixed/improved.
+# FIXME: this function requires only a single argument because of
+# problems with quote expansion. this needs to be fixed/improved.
gpg_sphere() {
GNUPGHOME="$GNUPGHOME_SPHERE"
export GNUPGHOME
su_monkeysphere_user "gpg $@"
}
+# output to stdout the core fingerprint from the gpg core secret
+# keyring
+core_fingerprint() {
+ log debug "determining core key fingerprint..."
+ gpg_core --quiet --list-secret-key \
+ --with-colons --fixed-list-mode --with-fingerprint \
+ | grep ^fpr: | cut -d: -f10
+}
+
+# fail if authentication has not been setup
+check_no_setup() {
+ # FIXME: what is the right test to do here?
+ [ -d "$MADATADIR" ] \
+ || failure "This host appears to have not yet been set up for Monkeysphere authentication.
+Please run 'monkeysphere-authentication setup' first."
+}
+
# export signatures from core to sphere
gpg_core_sphere_sig_transfer() {
+ log debug "exporting core local sigs to sphere..."
gpg_core --export-options export-local-sigs --export | \
- gpg_sphere --import-options import-local-sigs --import
+ gpg_sphere "--import-options import-local-sigs --import"
}
########################################################################
# MAIN
########################################################################
-# unset variables that should be defined only in config file
+# unset variables that should be defined only in config file of in
+# MONKEYSPHERE_ variables
+unset LOG_LEVEL
unset KEYSERVER
unset AUTHORIZED_USER_IDS
unset RAW_AUTHORIZED_KEYS
unset MONKEYSPHERE_USER
+unset PROMPT
# load configuration file
[ -e ${MONKEYSPHERE_AUTHENTICATION_CONFIG:="${SYSCONFIGDIR}/monkeysphere-authentication.conf"} ] && . "$MONKEYSPHERE_AUTHENTICATION_CONFIG"
AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}}
# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
export DATE
export MODE
export LOG_LEVEL
-export MONKEYSPHERE_USER
export KEYSERVER
+export MONKEYSPHERE_USER
+export PROMPT
export CHECK_KEYSERVER
export REQUIRED_USER_KEY_CAPABILITY
export GNUPGHOME_CORE
;;
'update-users'|'update-user'|'u')
+ check_no_setup
source "${MASHAREDIR}/update_users"
update_users "$@"
;;
'add-identity-certifier'|'add-id-certifier'|'add-certifier'|'c+')
+ check_no_setup
source "${MASHAREDIR}/add_certifier"
add_certifier "$@"
;;
'remove-identity-certifier'|'remove-id-certifier'|'remove-certifier'|'c-')
+ check_no_setup
source "${MASHAREDIR}/remove_certifier"
remove_certifier "$@"
;;
'list-identity-certifiers'|'list-id-certifiers'|'list-certifiers'|'list-certifier'|'c')
+ check_no_setup
source "${MASHAREDIR}/list_certifiers"
list_certifiers "$@"
;;
- 'expert')
- SUBCOMMAND="$1"
- shift
- case "$SUBCOMMAND" in
- 'help'|'h'|'?')
- cat <<EOF
-usage: $PGRM expert <subcommand> [options] [args]
-
-expert subcommands:
- diagnostics (d) monkeysphere authentication status
- gpg-cmd CMD execute gpg command
-
-EOF
- ;;
-
- 'diagnostics'|'d')
- source "${MASHAREDIR}/diagnostics"
- diagnostics
- ;;
-
- 'gpg-cmd')
- gpg_sphere "$@"
- ;;
+ 'diagnostics'|'d')
+ source "${MASHAREDIR}/diagnostics"
+ diagnostics
+ ;;
- *)
- failure "Unknown expert subcommand: '$COMMAND'
-Type '$PGRM help' for usage."
- ;;
- esac
+ 'gpg-cmd')
+ check_no_setup
+ gpg_sphere "$@"
;;
'version'|'v')
# datadir for host functions
MHDATADIR="${SYSDATADIR}/host"
+# temp directory for temp gnupghome directories for add_revoker
+MHTMPDIR="${MHDATADIR}/tmp"
+export MHTMPDIR
+
+# host pub key files
+HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
+
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
revoke-key (r) revoke host key
publish-key (p) publish host key to keyserver
- expert <expert-subcommand> run expert command
- expert help expert command help
+ import-key (i) [NAME[:PORT]] import existing ssh key to gpg
version (v) show version number
help (h,?) this help
+See ${PGRM}(8) for more info.
EOF
}
}
# command for edit key scripts, takes scripts on stdin
+# FIXME: should we supress all the edit script spew? or pipe it
+# through log debug?
gpg_host_edit() {
gpg_host --quiet --command-fd 0 --edit-key \
"0x${HOST_FINGERPRINT}!" "$@"
}
-# export the host key to stdout
-gpg_host_export() {
+# export the host public key to the monkeysphere gpg pub key file
+update_gpg_pub_file() {
+ log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
gpg_host --export --armor --export-options export-minimal \
- "0x${HOST_FINGERPRINT}!"
+ "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
}
-# export the host key to the monkeysphere host file key
-gpg_host_export_to_ssh_file() {
- log debug "exporting openpgp public key..."
+# load the host fingerprint into the fingerprint variable, using the
+# export gpg pub key file
+# FIXME: this seems much less than ideal, with all this temp keyring
+# stuff. is there a way we can do this without having to create temp
+# files? what if we stored the fingerprint in MHDATADIR/fingerprint?
+load_fingerprint() {
+ if [ -f "$HOST_KEY_FILE" ] ; then
+ HOST_FINGERPRINT=$( \
+ (FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \
+ && gpg --quiet --import \
+ && gpg --quiet --list-keys --with-colons --with-fingerprint \
+ && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
+ | grep '^fpr:' | cut -d: -f10 )
+ else
+ HOST_FINGERPRINT=
+ fi
+}
- gpg_host_export > "$HOST_KEY_PUB_GPG"
- log info "SSH host public key in OpenPGP form: $HOST_KEY_PUB_GPG"
+# load the host fingerprint into the fingerprint variable, using the
+# gpg host secret key
+load_fingerprint_secret() {
+ HOST_FINGERPRINT=$( \
+ gpg_host --quiet --list-secret-key \
+ --with-colons --with-fingerprint \
+ | grep '^fpr:' | cut -d: -f10 )
}
-# output just key fingerprint
-# FIXME: should not have to be priviledged user to get host
-# fingerprint. should be taken from publicly accessible key files,
-# instead of the keyring.
-get_host_fingerprint() {
- gpg_host --list-secret-keys --fingerprint \
- --with-colons --fixed-list-mode 2> /dev/null | \
- grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null || true
+# fail if host key present
+check_host_key() {
+ [ ! -s "$HOST_KEY_FILE" ] \
+ || failure "An OpenPGP host key already exists."
+}
+
+# fail if host key not present
+check_host_no_key() {
+ [ -s "$HOST_KEY_FILE" ] \
+ || failure "You don't appear to have a Monkeysphere host key on this server.
+Please run 'monkeysphere-host import-key' first."
}
# output the index of a user ID on the host key
fi
}
-# function to check for host secret key
-check_host_fail() {
- [ "$HOST_FINGERPRINT" ] || \
- failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host expert import-key' first."
-}
-
# show info about the host key
show_key() {
- local fingerprintSSH
+ local GNUPGHOME
- gpg_host --fingerprint --list-key --list-options show-unusable-uids \
- "0x${HOST_FINGERPRINT}!" 2>/dev/null
- # FIXME: make sure expiration date is shown
+ # tmp gpghome dir
+ export GNUPGHOME=$(mktemp -d)
- echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
+ # trap to remove tmp dir if break
+ trap "rm -rf $GNUPGHOME" EXIT
- if [ -f "$HOST_KEY_PUB" ] ; then
- fingerprintSSH=$(ssh-keygen -l -f "$HOST_KEY_PUB" | \
- awk '{ print $1, $2, $4 }')
+ # import the host key into the tmp dir
+ gpg --quiet --import <"$HOST_KEY_FILE"
- echo "ssh fingerprint: $fingerprintSSH"
- else
- log error "SSH host key not found."
- fi
+ HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
+ | grep '^fpr:' | cut -d: -f10 )
+
+ # list the host key info
+ # FIXME: make no-show-keyring work so we don't have to do the grep'ing
+ # FIXME: can we show uid validity somehow?
+ gpg --list-keys --fingerprint \
+ --list-options show-unusable-uids 2>/dev/null \
+ | grep -v "^${GNUPGHOME}/pubring.gpg$" \
+ | egrep -v '^-+$'
+
+ # list the pgp fingerprint
+ echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
+
+ # list the ssh fingerprint
+ echo -n "ssh fingerprint: "
+ ssh-keygen -l -f /dev/stdin \
+ <<<$(openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null) \
+ | awk '{ print $1, $2, $4 }'
- # FIXME: other relevant key parameters?
+ # remove the tmp file
+ trap - EXIT
+ rm -rf "$GNUPGHOME"
}
########################################################################
# MAIN
########################################################################
-# unset variables that should be defined only in config file
+# unset variables that should be defined only in config file of in
+# MONKEYSPHERE_ variables
+unset LOG_LEVEL
unset KEYSERVER
unset MONKEYSPHERE_USER
+unset PROMPT
# load configuration file
[ -e ${MONKEYSPHERE_HOST_CONFIG:="${SYSCONFIGDIR}/monkeysphere-host.conf"} ] && . "$MONKEYSPHERE_HOST_CONFIG"
# defaults
LOG_LEVEL=${MONKEYSPHERE_LOG_LEVEL:=${LOG_LEVEL:="INFO"}}
KEYSERVER=${MONKEYSPHERE_KEYSERVER:=${KEYSERVER:="pool.sks-keyservers.net"}}
-AUTHORIZED_USER_IDS=${MONKEYSPHERE_AUTHORIZED_USER_IDS:=${AUTHORIZED_USER_IDS:="%h/.monkeysphere/authorized_user_ids"}}
-RAW_AUTHORIZED_KEYS=${MONKEYSPHERE_RAW_AUTHORIZED_KEYS:=${RAW_AUTHORIZED_KEYS:="%h/.ssh/authorized_keys"}}
MONKEYSPHERE_USER=${MONKEYSPHERE_MONKEYSPHERE_USER:=${MONKEYSPHERE_USER:="monkeysphere"}}
+PROMPT=${MONKEYSPHERE_PROMPT:=${PROMPT:="true"}}
# other variables
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
-# host key fingerprint
-HOST_FINGERPRINT=$(get_host_fingerprint)
-
-# host pub key files
-HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub"
-HOST_KEY_PUB_GPG="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
-
# export variables needed in su invocation
export DATE
export MODE
export LOG_LEVEL
-export MONKEYSPHERE_USER
export KEYSERVER
+export MONKEYSPHERE_USER
+export PROMPT
+export CHECK_KEYSERVER
export GNUPGHOME_HOST
export GNUPGHOME
-export HOST_FINGERPRINT
+export HOST_FINGERPRINT=
# get subcommand
COMMAND="$1"
[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
shift
-
case $COMMAND in
'show-key'|'show'|'s')
- check_host_fail
+ check_host_no_key
show_key
;;
'set-expire'|'extend-key'|'e')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/set_expire"
set_expire "$@"
;;
'add-hostname'|'add-name'|'n+')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/add_hostname"
add_hostname "$@"
;;
'revoke-hostname'|'revoke-name'|'n-')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/revoke_hostname"
revoke_hostname "$@"
;;
'add-revoker'|'o')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/add_revoker"
add_revoker "$@"
;;
'revoke-key'|'r')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/revoke_key"
revoke_key "$@"
;;
'publish-key'|'publish'|'p')
- check_host_fail
+ check_host_no_key
+ load_fingerprint
source "${MHSHAREDIR}/publish_key"
publish_key
;;
- 'expert')
- SUBCOMMAND="$1"
- shift
- case "$SUBCOMMAND" in
- 'help'|'h'|'?')
- cat <<EOF
-usage: $PGRM expert <subcommand> [options] [args]
-
-expert subcommands:
- import-key (i) [NAME[:PORT]] import existing ssh key to gpg
- gen-key (g) [NAME[:PORT]] generate gpg key for the host
- --length (-l) BITS key length in bits (2048)
- diagnostics (d) monkeysphere host status
-
-EOF
- ;;
-
- 'import-key'|'i')
- source "${MHSHAREDIR}/import_key"
- import_key "$@"
- ;;
-
- 'gen-key'|'g')
- source "${MHSHAREDIR}/gen_key"
- gen_key "$@"
- ;;
-
- 'diagnostics'|'d')
- source "${MHSHAREDIR}/diagnostics"
- diagnostics
- ;;
+ 'import-key'|'i')
+ check_host_key
+ source "${MHSHAREDIR}/import_key"
+ import_key "$@"
+ ;;
- *)
- failure "Unknown expert subcommand: '$COMMAND'
-Type '$PGRM help' for usage."
- ;;
- esac
+ 'diagnostics'|'d')
+ load_fingerprint
+ source "${MHSHAREDIR}/diagnostics"
+ diagnostics
;;
'version'|'v')
# run command as monkeysphere user
su_monkeysphere_user() {
- # if the current user is the monkeysphere user, then just eval
- # command
- if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then
- eval "$@"
+ case $(id -un) in
+ # if monkeysphere user, run the command under bash
+ "$MONKEYSPHERE_USER")
+ bash -c "$@"
+ ;;
- # otherwise su command as monkeysphere user
- else
- su "$MONKEYSPHERE_USER" -c "$@"
- fi
+ # if root, su command as monkeysphere user
+ 'root')
+ su "$MONKEYSPHERE_USER" -c "$@"
+ ;;
+
+ # otherwise, fail
+ *)
+ log error "non-privileged user."
+ ;;
+ esac
}
# cut out all comments(#) and blank lines from standard input
else
lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'"
fi
+ log debug "lock created on '$file'."
;;
touch)
if [ -n "$use_lockfileprogs" ] ; then
else
: Nothing to do here
fi
+ log debug "lock touched on '$file'."
;;
remove)
if [ -n "$use_lockfileprogs" ] ; then
else
rm -f "${file}.lock"
fi
+ log debug "lock removed on '$file'."
;;
*)
failure "bad argument for lock subfunction '$action'"
uname="$1"
path="$2"
+ log debug "checking path permission '$path'..."
+
# return 255 if cannot stat file
if ! stat=$(ls -ld "$path" 2>/dev/null) ; then
log error "could not stat path '$path'."
# remove the lockfile and the trap
lock remove "$AUTHORIZED_KEYS"
+
+ # remove the trap
trap - EXIT
# note if the authorized_keys file was updated
fi
else
# get the key from the key server
+ log debug "retrieving key from keyserver..."
gpg_sphere "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver."
fi
export keyID
-# get the full fingerprint of a key ID
-fingerprint=$(gpg_sphere "--list-key --with-colons --with-fingerprint 0x${keyID}!" | \
- grep '^fpr:' | grep "$keyID" | cut -d: -f10)
+# get the full fingerprint of new certifier key
+log debug "getting fingerprint of certifier key..."
+fingerprint=$(gpg_sphere "--list-key --with-colons --with-fingerprint 0x${keyID}!" \
+ | grep '^fpr:' | grep "$keyID" | cut -d: -f10)
if [ -z "$fingerprint" ] ; then
failure "Key '$keyID' not found."
fi
-log info -e "\nkey found:"
+log info "key found:"
gpg_sphere "--fingerprint 0x${fingerprint}!"
-echo "Are you sure you want to add the above key as a"
-read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N}
-if [ "${OK/y/Y}" != 'Y' ] ; then
- failure "Identity certifier not added."
+if [ "$PROMPT" = "true" ] ; then
+ echo "Are you sure you want to add the above key as a"
+ read -p "certifier of users on this system? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "Identity certifier not added."
+ fi
+else
+ log debug "adding key without prompting."
fi
# export the key to the core keyring so that the core can sign the
# new certifier key
+log debug "exporting retrieved certifier key to core keyring..."
gpg_sphere "--export 0x${fingerprint}!" | gpg_core --import
case "$trust" in
)
# core ltsigns the newly imported certifier key
+log debug "executing core ltsign script..."
if echo "$ltsignCommand" | \
gpg_core --quiet --command-fd 0 --edit-key "0x${fingerprint}!" ; then
gpg_core_sphere_sig_transfer
# update the sphere trustdb
+ log debug "updating sphere trustdb..."
gpg_sphere "--check-trustdb"
- log info -e "\nIdentity certifier added."
+ log info "Identity certifier added."
else
failure "Problem adding identify certifier."
fi
if [ "$problemsfound" -gt 0 ]; then
echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:"
- echo " monkeysphere-authentication expert diagnostics"
+ echo " monkeysphere-authentication diagnostics"
else
echo "Everything seems to be in order!"
fi
local keys
local key
+local authfpr
-# find trusted keys in authentication keychain
-keys=$(gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-keys --with-colons --fingerprint" | \
- grep ^pub: | cut -d: -f2,5 | egrep '^(u|f):' | cut -d: -f2)
+# find trusted keys in sphere keychain
+log debug "finding trusted keys..."
-# output keys
-for key in $keys ; do
- gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key --fingerprint $key"
+# FIXME: this assumes that the keygrip (16 hex chars) is unique; we're
+# only searching by keygrip at the moment.
+
+authgrip=$(core_fingerprint | cut -b 25-40)
+
+# We're walking the list of known signatures, and extracting all trust
+# signatures made by the core fingerprint and known to the sphere
+# keyring.
+
+# for each one of these, we're printing (colon-delimited): the
+# fingerprint, the trust depth, the trust level (60 == marginal, 120
+# == full), and the domain regex (if any):
+
+gpg_sphere "--fingerprint --with-colons --fixed-list-mode --check-sigs" | \
+ cut -f 1,2,5,8,9,10 -d: | \
+ egrep '^(fpr:::::|sig:!:'"$authgrip"':[[:digit:]]+ [[:digit:]]+:)' | \
+ while IFS=: read -r type validity grip trustparams trustdomain fpr ; do
+ case $type in
+ 'fpr') # this is a new key
+ keyfpr=$fpr
+ ;;
+ 'sig') # print all trust signatures, including regexes if present
+ trustdepth=${trustparams%% *}
+ trustlevel=${trustparams##* }
+
+ # FIXME: this is clumsy and not human-friendly. we should
+ # print out more human-readable information, if possible.
+ printf "%s:%d:%d:%s\n" "$keyfpr" "$trustdepth" "$trustlevel" "$trustdomain"
+ ;;
+ esac
done
+
}
failure "You must specify the key ID of a key to remove."
fi
-if gpg_sphere "--no-options --list-options show-uid-validity --keyring ${GNUPGHOME_AUTHENTICATION}/pubring.gpg --list-key 0x${keyID}!" ; then
+# FIXME: should we be doing a fancier list_certifier output here?
+gpg_core --list-key --fingerprint "0x${keyID}!" || failure
+
+if [ "$PROMPT" = "true" ] ; then
read -p "Really remove above listed identity certifier? (y/N) " OK; OK=${OK:-N}
if [ "${OK/y/Y}" != 'Y' ] ; then
failure "Identity certifier not removed."
fi
else
- failure
+ log debug "certifier removed without prompting."
fi
# delete the requested key from the sphere keyring
# update the trustdb for the authentication keyring
gpg_sphere "--check-trustdb"
- log info -e "\nIdentity certifier removed."
+ log info ""
+ log info "Identity certifier removed."
else
failure "Problem removing identity certifier."
fi
# deliberately replace the config files via truncation
# FIXME: should we be dumping to tmp files and then moving atomically?
+ log debug "writing core gpg.conf..."
cat >"${GNUPGHOME_CORE}"/gpg.conf <<EOF
# Monkeysphere trust core GnuPG configuration
# This file is maintained by the Monkeysphere software.
no-greeting
list-options show-uid-validity
EOF
-
+
+ log debug "writing sphere gpg.conf..."
cat >"${GNUPGHOME_SPHERE}"/gpg.conf <<EOF
# Monkeysphere trust sphere GnuPG configuration
# This file is maintained by the Monkeysphere software.
# Edits will be overwritten.
no-greeting
-primary-keyring ${GNUPGHOME_SPHERE}/pubring.gpg
list-options show-uid-validity
EOF
- # make sure the monkeysphere user owns everything in th sphere
+ # make sure the monkeysphere user owns everything in the sphere
# gnupghome
- chown -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}"
- chgrp -R "$MONKEYPSHER_USER" "${GNUPGHOME_SPHERE}"
+ log debuf "fixing sphere gnupg home ownership..."
+ chown -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
+ chgrp -R "$MONKEYSPHERE_USER" "${GNUPGHOME_SPHERE}"
# get fingerprint of core key. this should be empty on unconfigured systems.
- local CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
+ local CORE_FPR=$(core_fingerprint)
+ log debug "core fingerprint: $CORE_FPR"
if [ -z "$CORE_FPR" ] ; then
- log info "Setting up Monkeysphere authentication trust core..."
+ log info "setting up Monkeysphere authentication trust core..."
local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
log debug "generating monkeysphere authentication trust core key ($CORE_KEYLENGTH bits)..."
- PEM2OPENPGP_USAGE_FLAGS=certify PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" | gpg_core --import || failure "Could not import new key for Monkeysphere authentication trust core"
+ PEM2OPENPGP_USAGE_FLAGS=certify \
+ PEM2OPENPGP_NEWKEY=$CORE_KEYLENGTH pem2openpgp "$CORE_UID" \
+ | gpg_core --import \
+ || failure "Could not import new key for Monkeysphere authentication trust core"
# get fingerprint of core key. should definitely not be empty at this point
- log debug "get core key fingerprint..."
- CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
+ CORE_FPR=$(core_fingerprint)
+ log debug "core fingerprint: $CORE_FPR"
if [ -z "$CORE_FPR" ] ; then
failure "Failed to create Monkeysphere authentication trust core!"
fi
else
- log verbose "This system has already set up the Monkeysphere authentication trust core."
+ log verbose "Monkeysphere authentication trust core already exists."
fi
+ # export the core key to the sphere keyring
+ log debug "exporting core pub key to sphere keyring..."
+ gpg_core --export | gpg_sphere --import
# ensure that the authentication sphere checker has absolute ownertrust on the expected key.
- log debug "set ultimate owner trust on core key in gpg_sphere..."
+ log debug "setting ultimate owner trust on core key in gpg_sphere..."
printf "%s:6:\n" "$CORE_FPR" | gpg_sphere --import-ownertrust
+ gpg_sphere --export-ownertrust | log debug
+
+ # check the owner trust
+ log debug "checking gpg_sphere owner trust set properly..."
local ORIG_TRUST
- log debug "check gpg_sphere owner trust set properly..."
if ORIG_TRUST=$(gpg_sphere --export-ownertrust | grep '^[^#]') ; then
if [ "${CORE_FPR}:6:" != "$ORIG_TRUST" ] ; then
failure "Monkeysphere authentication trust sphere should explicitly trust the core. It does not have proper ownertrust settings."
fi
else
failure "Could not get monkeysphere-authentication trust guidelines."
+ # FIXME: what does this mean? should we suggest how to fix?
fi
# ensure that we're using the extended trust model (1), and that
# our preferences are reasonable (i.e. 3 marginal OR 1 fully
# trusted certifications are sufficient to grant full validity.
- log debug "check trust level of core key..."
- if [ "1:3:1" != $(gpg_sphere --with-colons --fixed-list-mode --list-keys | head -n1 | grep ^tru: cut -f3,6,7 -d:) ] ; then
+ log debug "checking trust model for authentication ..."
+ local TRUST_MODEL=$(gpg_sphere "--with-colons --fixed-list-mode --list-keys" \
+ | head -n1 | grep "^tru:" | cut -d: -f3,6,7)
+ log debug "sphere trust model: $TRUST_MODEL"
+ if [ "$TRUST_MODEL" != '1:3:1' ] ; then
failure "monkeysphere-authentication does not have the expected trust model settings."
+ # FIXME: what does this mean? should we suggest how to fix?
fi
}
find_host_userid > /dev/null && \
failure "Host userID '$userID' already exists."
-echo "The following user ID will be added to the host key:"
-echo " $userID"
-read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "User ID not added."
+if [ "$PROMPT" = "true" ] ; then
+ echo "The following user ID will be added to the host key:"
+ echo " $userID"
+ read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "User ID not added."
+ fi
+else
+ log debug "adding user ID without prompting."
fi
# edit-key script command to add user ID
# execute edit-key script
if echo "$adduidCommand" | gpg_host_edit ; then
+ update_gpg_pub_file
+
show_key
echo
fi
else
# create a temporary directory for storing the downloaded key
- TMPLOC=$(mktemp -d ${MHTMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
+ TMPLOC=$(mktemp -d "${MHTMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
# download the key from the keyserver as the monkeysphere user
su_monkeysphere_user \
failure "Key '$keyID' not found."
fi
-log info -e "\nkey found:"
+log info "key found:"
gpg_host --fingerprint "0x${fingerprint}!"
-echo "Are you sure you want to add the above key as a"
-read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N}
-if [ "${OK/y/Y}" != 'Y' ] ; then
- failure "Revoker not added."
+if [ "$PROMPT" = "true" ] ; then
+ echo "Are you sure you want to add the above key as a"
+ read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "revoker not added."
+ fi
+else
+ log debug "adding revoker without prompting."
fi
# edit-key script to add revoker
-# NOTE: *all* user IDs will be ltsigned
addrevokerCommand=$(cat <<EOF
addrevoker
if echo "$addrevokerCommand" | \
gpg_core_edit ; then
- log info -e "\nRevoker added."
+ update_gpg_pub_file
+
+ log info "Revoker added."
else
failure "Problem adding revoker."
fi
if [ "$problemsfound" -gt 0 ]; then
echo "When the above $problemsfound issue"$(if [ "$problemsfound" -eq 1 ] ; then echo " is" ; else echo "s are" ; fi)" resolved, please re-run:"
- echo " monkeysphere-host expert diagnostics"
+ echo " monkeysphere-host diagnostics"
else
echo "Everything seems to be in order!"
fi
+++ /dev/null
-# -*-shell-script-*-
-# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
-
-# Monkeysphere host gen-key subcommand
-#
-# The monkeysphere scripts are written by:
-# Jameson Rollins <jrollins@finestructure.net>
-# Jamie McClelland <jm@mayfirst.org>
-# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-#
-# They are Copyright 2008-2009, and are all released under the GPL,
-# version 3 or later.
-
-gen_key() {
-
-local hostName=$(hostname -f)
-local keyType="RSA"
-local keyLength="2048"
-local keyUsage="auth"
-local keyExpire="0"
-local userID
-
-# check for presense of a key
-[ "$HOST_FINGERPRINT" ] && \
- failure "An OpenPGP host key already exists."
-
-# get options
-while true ; do
- case "$1" in
- -l|--length)
- keyLength="$2"
- shift 2
- ;;
- *)
- if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
- failure "Unknown option '$1'.
-Type '$PGRM help' for usage."
- fi
- break
- ;;
- esac
-done
-
-hostName="$1"
-userID="ssh://${hostName}"
-
-# create host home
-mkdir -p "$GNUPGHOME_HOST"
-chmod 700 "$GNUPGHOME_HOST"
-
-log debug "generating host key..."
-gpg_host --batch --gen-key <<EOF
-Key-Type: $keyType
-Key-Length: $keyLength
-Key-Usage: $keyUsage
-Name-Real: $userID
-Expire-Date: $keyExpire
-
-%commit
-%echo done
-
-EOF
-
-# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(get_host_fingerprint)
-export HOST_FINGERPRINT
-
-# translate the private key to ssh format, and export to a file
-# for sshs usage.
-# NOTE: assumes that the primary key is the proper key to use
-log debug "exporting ssh secret key..."
-(umask 077 && \
- gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
- openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
-log info "SSH host private key output to file: ${MHDATADIR}/ssh_host_rsa_key"
-
-log debug "creating ssh public key..."
-ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB"
-log info "SSH host public key output to file: $HOST_KEY_PUB"
-
-# export public key to file
-gpg_host_export_to_ssh_file
-
-# show info about new key
-show_key
-
-}
import_key() {
local hostName
+local domain
local userID
-# check for presense of a key
-[ "$HOST_FINGERPRINT" ] && \
- failure "An OpenPGP host key already exists."
-
-hostName=${1:-$(hostname -f)}
+hostName="$1"
+
+# use the default hostname if not specified
+if [ -z "$hostName" ] ; then
+ hostName=$(hostname -f)
+ # test that the domain is not obviously illegitimate
+ domain=${foo##*.}
+ case $domain in
+ 'local'|'localdomain')
+ failure "Host domain '$domain' is not legitimate. Aborting key import."
+ ;;
+ esac
+ # test that there are at least two parts
+ if (( $(echo "$hostName" | tr . ' ' | wc -w) < 2 )) ; then
+ failure "Host name '$hostName' is not legitimate. Aborting key import."
+ fi
+fi
userID="ssh://${hostName}"
# create host home
-mkdir -p "$GNUPGHOME_HOST"
-chmod 700 "$GNUPGHOME_HOST"
+mkdir -p "${MHDATADIR}"
+mkdir -p "${MHTMPDIR}"
+mkdir -p "${GNUPGHOME_HOST}"
+chmod 700 "${GNUPGHOME_HOST}"
log verbose "importing ssh key..."
# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \
- gpg_host --import
+PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ | gpg_host --import
-# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(get_host_fingerprint)
-export HOST_FINGERPRINT
+# load the new host fpr into the fpr variable. this is so we can
+# create the gpg pub key file. we have to do this from the secret key
+# ring since we obviously don't have the gpg pub key file yet, since
+# that's what we're trying to produce (see below).
+load_fingerprint_secret
-# export public key to file
-gpg_host_export_to_ssh_file
+# export to gpg public key to file
+update_gpg_pub_file
# show info about new key
show_key
publish_key() {
-read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "key not published."
+local GNUPGHOME
+
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "key not published."
+ fi
+else
+ log debug "publishing key without prompting."
fi
-# find the key fingerprint
-fingerprint=$(fingerprint_host_key)
+# create a temporary gnupg directory from which to publish the key
+export GNUPGHOME=$(mktemp -d)
+
+# trap to remove tmp dir if break
+trap "rm -rf $GNUPGHOME" EXIT
+
+# import the host key into the tmp dir
+su_monkeysphere_user \
+ "gpg --quiet --import" <"$HOST_KEY_FILE"
# publish host key
-# FIXME: need to define how to do this
-#gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'"
-echo "not published!!!"
+su_monkeysphere_user \
+ "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+
+# remove the tmp file
+trap - EXIT
+rm -rf "$GNUPGHOME"
}
echo "WARNING: There is a known bug in this function."
echo "This function has been known to occasionally revoke the wrong user ID."
echo "Please see the following bug report for more information:"
-echo "http://web.monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/"
+echo "https://labs.riseup.net/code/issues/show/422"
read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N}
if [ ${OK/y/Y} != 'Y' ] ; then
failure "aborting."
uidIndex=$(find_host_userid) || \
failure "No non-revoked user ID found matching '$userID'."
-echo "The following host key user ID will be revoked:"
-echo " $userID"
-read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "User ID not revoked."
+if [ "$PROMPT" = "true" ] ; then
+ echo "The following host key user ID will be revoked:"
+ echo " $userID"
+ read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "User ID not revoked."
+ fi
+else
+ log debug "revoking user ID without prompting."
fi
# edit-key script command to revoke user ID
# execute edit-key script
if echo "$revuidCommand" | gpg_host_edit ; then
+ update_gpg_pub_file
+
show_key
echo
# get the new expiration date
extendTo=$(get_gpg_expiration "$1")
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "expiration not set."
+ fi
+else
+ log debug "extending without prompting."
+fi
+
+log info "setting host key expiration to ${extendTo}:"
+
+log debug "executing host expire script..."
gpg_host_edit expire <<EOF
$extendTo
save
EOF
+update_gpg_pub_file
+
cat <<EOF | log info
NOTE: Host key expiration date adjusted, but not yet published.
Run '$PGRM publish-key' to publish the new expiration date.
--- /dev/null
+#!/bin/bash
+
+# This is a post-install script for monkeysphere, to transition an old
+# (<=0.22) setup to the new (>0.22) setup
+
+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
+
+MADATADIR="${SYSDATADIR}/authentication"
+MHDATADIR="${SYSDATADIR}/host"
+
+############################################################
+### transfer host setup
+
+if [ -d "$SYSDATADIR"/gnupg-host ] ; then
+
+ if [ -s "$SYSDATADIR"/ssh_host_rsa_key ] ; then
+
+ # This would be simple, but it would generate a new pgp key,
+ #and we don't want that, right?
+ #monkeysphere-host expert import_key "$SYSDATADIR"/ssh_host_rsa_key
+
+ # create host home
+ mkdir -p "${MHDATADIR}"
+ mkdir -p "${MHTMPDIR}"
+ mkdir -p "${GNUPGHOME_HOST}"
+ chmod 700 "${GNUPGHOME_HOST}"
+
+ # transfer the host secret key from the old home to the new
+ GNUPGHOME="$SYSDATADIR"/gnupg-host gpg --export-secret-keys \
+ GNUPGHOME="$MHDATADIR" gpg --import
+
+ # make sure the ssh_host_rsa_key.pub and ssh_host_rsa_key.pub.gpg
+ # files exist
+
+ # anything else?
+
+ fi
+
+ #rm -rf "$SYSDATADIR"/gnupg-host
+
+fi
+
+############################################################
+### transfer authentication setup
+
+# should we test for something else/better than the existence of this
+# directory to know that we should go through the setup?
+if [ -d "$SYSDATADIR"/gnupg-authentication ] ; then
+
+ # run the authentication setup
+ monkeysphere-authentication setup
+
+ # transfer certifiers
+ # FIXME: how?
+ # i think we'll need to run something like
+ # gpg_core_sphere_sig_transfer after transfering certifiers ltsigs
+
+ # do we need to do some sort of transfer of ownertrust?
+
+ # move the authorized_keys directory
+ mv "$SYSDATADIR"/authorized_keys "$MADATADIR"/
+
+ # do we need to transfer anything else? running update-users will
+ # regenerate everything else in the sphere keyring, right?
+
+ #rm -rf "$SYSDATADIR"/gnupg-authentication
+
+fi
+
--- /dev/null
+Monkeysphere test infrastructure
+================================
+
+These are scripts to test various aspects of the Monkeysphere system.
+
+Some notes about getting started working on the monkeysphere test
+infrastructure:
+
+- the tests can and should be run as a non-privileged user. since the
+ tests do potentially destructive things (like wiping out and
+ recreating gpg keyrings) they should definitely *not* be run as
+ root. it may even be advisable to run them as a different,
+ dedicated user, so that any goofs you make while updating the test
+ infrastructure don't compromise your main account.
+
+- you do not need the monkeysphere package installed locally, though
+ you will need the monkeysphere dependencies installed locally.
+
+- the idea with this script is to do the following:
+
+ - set up test server infrastructure
+ - test the server setup
+ - set up test user
+ - test an ssh connection between test user and test server
+ - modify server/user setup and rerun ssh_test to make sure it
+ suceeds/fails as expected
+
+- there are various FIXMEs in the script that outline some of the
+ further testing that should be undertaken.
+
+- good documentation in the code in the form of comments are needed.
## set up some variables to ensure that we're operating strictly in
## the tests, not system-wide:
-# make temp dir
+# set up temp dir
+
+# NOTE: /tmp can not be used as the temp dir here, since the
+# permissions on /tmp are usually such that they will not pass the
+# monkeysphere/ssh path permission checking. If you need to use a
+# different location than the current source, please set $TMPDIR
+# somewhere with tighter permissions.
+
mkdir -p "$TESTDIR"/tmp
TEMPDIR=$(mktemp -d "${TMPDIR:-$TESTDIR/tmp}/monkeyspheretest.XXXXXXX")
# copy in admin and testuser home to tmp
echo "##################################################"
-echo "### copying admin and testuser homes..."
-cp -a "$TESTDIR"/home/admin "$TEMPDIR"/
+echo "### configuring testuser home..."
cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/
-
# set up environment for testuser
export TESTHOME="$TEMPDIR"/testuser
export GNUPGHOME="$TESTHOME"/.gnupg
EOF
get_gpg_prng_arg >> "$GNUPGHOME"/gpg.conf
+echo "##################################################"
+echo "### configuring admin home..."
+cp -a "$TESTDIR"/home/admin "$TEMPDIR"/
+
# set up sshd
echo "##################################################"
echo "### configuring sshd..."
######################################################################
### SERVER HOST SETUP
-# create a new host key
-echo "##################################################"
-echo "### testing host key generation..."
-mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/host
-# add gpg.conf with quick-random
-get_gpg_prng_arg >> "$MONKEYSPHERE_SYSCONFIGDIR"/host/gpg.conf
-echo | monkeysphere-host expert gen-key --length 1024 testhost
-
-# remove the host home for the next test
-rm -rf "$MONKEYSPHERE_SYSCONFIGDIR"/host
-
# import host key
echo "##################################################"
-echo "### testing host key importing..."
+echo "### import host key..."
ssh-keygen -b 1024 -t rsa -N '' -f "$TEMPDIR"/ssh_host_rsa_key
-monkeysphere-host expert import-key testhost < "$TEMPDIR"/ssh_host_rsa_key
+monkeysphere-host import-key testhost < "$TEMPDIR"/ssh_host_rsa_key
+
+echo "##################################################"
+echo "### getting host key fingerprint..."
+HOSTKEYID=$( monkeysphere-host show-key | grep '^OpenPGP fingerprint: ' | cut -f3 -d\ )
+echo "$HOSTKEYID"
# change host key expiration
echo "##################################################"
echo "### setting host key expiration..."
monkeysphere-host set-expire 1
-monkeysphere-host show-key
# FIXME: how do we check that the expiration has really been set?
-echo "##################################################"
-echo "### getting host key fingerprint..."
-HOSTKEYID=$( monkeysphere-host show-key | grep '^OpenPGP fingerprint: ' | cut -f3 -d\ )
-
# certify host key with the "Admin's Key".
# (this would normally be done via keyservers)
echo "##################################################"
# add admin as identity certifier for testhost
echo "##################################################"
echo "### adding admin as certifier..."
-echo y | monkeysphere-authentication add-id-certifier "$TEMPDIR"/admin/.gnupg/pubkey.gpg
+monkeysphere-authentication add-id-certifier -y "$TEMPDIR"/admin/.gnupg/pubkey.gpg
-# FIXME: should we run "diagnostics" here to test setup?
+echo "##################################################"
+echo "### list certifiers..."
+monkeysphere-authentication list-certifiers
+# FIXME: should we run "diagnostics" here to test setup?
######################################################################
### TESTUSER SETUP
# teach the "server" about the testuser's key
echo "##################################################"
echo "### export testuser key to server..."
-gpg --export testuser | monkeysphere-authentication expert gpg-cmd --import
+gpg --export testuser | monkeysphere-authentication gpg-cmd --import
# update authorized_keys for user
echo "##################################################"
echo "### update server authorized_keys file for this testuser..."
monkeysphere-authentication update-users $(whoami)
+# FIXME: this is maybe not failing properly for:
+# ms: improper group or other writability on path '/tmp'.
######################################################################
failed_cleanup() {
# FIXME: can we be more verbose here?
echo 'FAILED!'
- read -p "press enter to cleanup and remove tmp:"
+ read -p "press enter to cleanup and remove tmp (or type bash for a subshell to examine): " XX
+ if [ "$XX" = bash ] ; then
+ bash
+ fi
cleanup
}
keyring for proper cryptographic verification of the archive and its
packages by doing the following:
- $ sudo gpg -a --export EB8AF314 | apt-key add -
+ $ gpg -a --export EB8AF314 | sudo apt-key add -
OK
$ aptitude update
...
projects / monkeysphere.git / commitdiff