Projects / Monkeysphere

Monkeysphere

The Monkeysphere enables you to use the OpenPGP web of trust to verify ssh connections. SSH key-based authentication is tried-and-true, but it lacks a true public key infrastructure for key certification, revocation, and expiration. Monkeysphere is a framework that uses the OpenPGP web of trust for these PKI functions. It can be used in both directions: for users to get validated host keys, and for hosts to authenticate users.

Tags
Operating Systems
Implementation

Recent releases

  •  21 Jul 2009 13:37

    Release Notes: The marginal UI was updated. Code portability improvements were made. The code was cleaned up. monkeysphere update-known_hosts was fixed for sshd running on non-standard ports. The "sshfpr" subcommand was added to output the ssh fingerprint of a gpg key. pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1. Translation of keys with fingerprints with leading all-zero bytes is now properly handled. Symlinks are resolved when checking paths. MONKEYSPHERE_GROUP is now explicitly set and used from system "groups". monkeysphere-host now uses keytrans to add and revoke hostname.

    •  01 Dec 2008 21:12

      Release Notes: This release adds info log output when a new key is added to the known_hosts file. It adds some useful output to the ssh-proxycommand for "marginal" cases where keys are found for the host but do not have full validity. It forces ssh-keygen to read from stdin to get the SSH key fingerprint. It will automatically output two copies of the host's public key: one a standard SSH public key file, and the other a minimal OpenPGP key with just the latest valid self-sig. In debian/control, the alternate dependency has been corrected from procfile to procmail (which provides /usr/bin/lockfile).

      •  16 Nov 2008 14:56

        No changes have been submitted for this release.

        Screenshot

        Project Spotlight

        OpenStack4j

        A Fluent OpenStack client API for Java.

        Screenshot

        Project Spotlight

        TurnKey TWiki Appliance

        A TWiki appliance that is easy to use and lightweight.