man/man1/monkeysphere.1
man/man1/openpgp2ssh.1
man/man1/monkeysphere-ssh-proxycommand.1
-man/man5/monkeysphere.5
+man/man7/monkeysphere.7
man/man8/monkeysphere-server.8
.SH SEE ALSO
.BR monkeysphere (1),
+.BR monkeysphere (7),
.BR ssh (1),
.BR ssh_config (5),
.BR netcat (1),
Update the known_hosts file. For each specified host, gpg will be
queried for a key associated with the host URI (see HOST
IDENTIFICATION in
-.BR monkeysphere(5)),
+.BR monkeysphere(7)),
optionally querying a keyserver.
If an acceptable key is found for the host (see KEY ACCEPTABILITY in
-.BR monkeysphere(5)),
+.BR monkeysphere(7)),
the key is added to the user's known_hosts file. If a key is found
but is unacceptable for the host, any matching keys are removed from
the user's known_hosts file. If no gpg key is found for the host,
each user ID in the user's authorized_user_ids file, gpg will be
queried for keys associated with that user ID, optionally querying a
keyserver. If an acceptable key is found (see KEY ACCEPTABILITY in
-.BR monkeysphere (5)),
+.BR monkeysphere (7)),
the key is added to the user's authorized_keys file.
If a key is found but is unacceptable for the user ID, any matching
keys are removed from the user's authorized_keys file. If no gpg key
.BR monkeysphere-ssh-proxycommand (1),
.BR monkeysphere-server (8),
-.BR monkeysphere (5),
+.BR monkeysphere (7),
.BR ssh (1),
.BR ssh-add (1),
.BR gpg (1)
.Pp
.Nm
is part of the
-.Xr monkeysphere 5
+.Xr monkeysphere 7
framework for providing a PKI for SSH.
.Sh CAVEATS
The keys produced by this process are stripped of all identifying
ignore later ones.
.Sh SEE ALSO
.Xr monkeysphere 1 ,
-.Xr monkeysphere 5 ,
+.Xr monkeysphere 7 ,
.Xr ssh 1 ,
.Xr monkeysphere-server 8
+++ /dev/null
-.TH MONKEYSPHERE "5" "June 2008" "monkeysphere" "System Frameworks"
-
-.SH NAME
-
-monkeysphere \- ssh authentication framework using OpenPGP Web of
-Trust
-
-.SH DESCRIPTION
-
-\fBMonkeySphere\fP is a framework to leverage the OpenPGP Web of Trust
-for ssh authentication. OpenPGP keys are tracked via GnuPG, and added
-to the authorized_keys and known_hosts files used by ssh for
-connection authentication.
-
-.SH IDENTITY CERTIFIERS
-
-FIXME: describe identity certifier concept
-
-.SH KEY ACCEPTABILITY
-
-During known_host and authorized_keys updates, the monkeysphere
-commands work from a set of user IDs to determine acceptable keys for
-ssh authentication. OpenPGP keys are considered acceptable if the
-following criteria are met:
-.TP
-.B capability
-The key must have the "authentication" ("a") usage flag set.
-.TP
-.B validity
-The key itself must be valid, i.e. it must be well-formed, not
-expired, and not revoked.
-.TP
-.B certification
-The relevant user ID must be signed by a trusted identity certifier.
-
-.SH HOST IDENTIFICATION
-
-The OpenPGP keys for hosts have associated user IDs that use the ssh
-URI specification for the host, i.e. "ssh://host.full.domain[:port]".
-
-.SH AUTHOR
-
-Written by Jameson Rollins <jrollins@fifthhorseman.net>, Daniel Kahn
-Gillmor <dkg@fifthhorseman.net>
-
-.SH SEE ALSO
-
-.BR monkeysphere (1),
-.BR monkeysphere-server (8),
-.BR monkeysphere-ssh-proxycommand (1),
-.BR gpg (1),
-.BR ssh (1),
-.BR http://tools.ietf.org/html/rfc4880,
-.BR http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/
--- /dev/null
+.TH MONKEYSPHERE "7" "June 2008" "monkeysphere" "System Frameworks"
+
+.SH NAME
+
+monkeysphere \- ssh authentication framework using OpenPGP Web of
+Trust
+
+.SH DESCRIPTION
+
+\fBMonkeySphere\fP is a framework to leverage the OpenPGP Web of Trust
+for ssh authentication. OpenPGP keys are tracked via GnuPG, and added
+to the authorized_keys and known_hosts files used by ssh for
+connection authentication.
+
+.SH IDENTITY CERTIFIERS
+
+FIXME: describe identity certifier concept
+
+.SH KEY ACCEPTABILITY
+
+During known_host and authorized_keys updates, the monkeysphere
+commands work from a set of user IDs to determine acceptable keys for
+ssh authentication. OpenPGP keys are considered acceptable if the
+following criteria are met:
+.TP
+.B capability
+The key must have the "authentication" ("a") usage flag set.
+.TP
+.B validity
+The key itself must be valid, i.e. it must be well-formed, not
+expired, and not revoked.
+.TP
+.B certification
+The relevant user ID must be signed by a trusted identity certifier.
+
+.SH HOST IDENTIFICATION
+
+The OpenPGP keys for hosts have associated user IDs that use the ssh
+URI specification for the host, i.e. "ssh://host.full.domain[:port]".
+
+.SH AUTHOR
+
+Written by Jameson Rollins <jrollins@fifthhorseman.net>, Daniel Kahn
+Gillmor <dkg@fifthhorseman.net>
+
+.SH SEE ALSO
+
+.BR monkeysphere (1),
+.BR monkeysphere-server (8),
+.BR monkeysphere-ssh-proxycommand (1),
+.BR gpg (1),
+.BR ssh (1),
+.BR http://tools.ietf.org/html/rfc4880,
+.BR http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/
authorized_user_ids file are processed. For each user ID, gpg will be
queried for keys associated with that user ID, optionally querying a
keyserver. If an acceptable key is found (see KEY ACCEPTABILITY in
-monkeysphere(5)), the key is added to the account's
+monkeysphere(7)), the key is added to the account's
monkeysphere-controlled authorized_keys file. If the
RAW_AUTHORIZED_KEYS variable is set, then a separate authorized_keys
file (usually ~USER/.ssh/authorized_keys) is appended to the
.SH SEE ALSO
.BR monkeysphere (1),
-.BR monkeysphere (5),
+.BR monkeysphere (7),
.BR gpg (1),
.BR ssh (1)
projects / monkeysphere.git / commitdiff