1MONKEYSPHERE(7)                System Frameworks               MONKEYSPHERE(7)
2
3
4

NAME

6       monkeysphere  -  ssh and TLS authentication framework using OpenPGP Web
7       of Trust
8
9

DESCRIPTION

11       Monkeysphere is a framework to leverage the OpenPGP web  of  trust  for
12       OpenSSH and TLS key-based authentication.  OpenPGP keys are tracked via
13       GnuPG, and added to the authorized_keys and known_hosts files  used  by
14       OpenSSH  for  connection authentication.  Monkeysphere can also be used
15       by a validation agent to validate TLS connections (e.g. https).
16
17

IDENTITY CERTIFIERS

19       Each host that uses the Monkeysphere to authenticate its  remote  users
20       needs  some way to determine that those users are who they claim to be.
21       SSH permits key-based authentication,  but  we  want  instead  to  bind
22       authenticators  to  human-comprehensible  user identities.  This switch
23       from raw keys to User IDs makes it possible for administrators  to  see
24       intuitively who has access to an account, and it also enables end users
25       to transition keys (and revoke compromised ones)  automatically  across
26       all  Monkeysphere-enabled  hosts.  The User IDs and certifications that
27       the Monkeysphere relies on are found in the OpenPGP Web of Trust.
28
29       However, in order to establish this binding, each host must know  whose
30       cerifications  to  trust.   Someone  who  a host trusts to certify User
31       Identities is called an Identity Certifier.  A host must have at  least
32       one  Identity  Certifier  in order to bind User IDs to keys.  Commonly,
33       every ID Certifier would be trusted by the host to fully  identify  any
34       User  ID,  but more nuanced approaches are possible as well.  For exam‐
35       ple, a given host could specify a dozen ID certifiers, but assign  them
36       all  "marginal"  trust.  Then any given User ID would need to be certi‐
37       fied in the OpenPGP Web of Trust by at least three of those certifiers.
38
39       It is also possible to limit the scope of trust for a given  ID  Certi‐
40       fier  to  a  particular  domain.   That is, a host can be configured to
41       fully (or marginally) trust a particular ID Certifier  only  when  they
42       certify  identities  within,  say,  example.org  (based  on  the e-mail
43       address in the User ID).
44
45

KEY ACCEPTABILITY

47       The monkeysphere commands work from a set  of  user  IDs  to  determine
48       acceptable  keys for ssh and TLS authentication.  OpenPGP keys are con‐
49       sidered acceptable if the following criteria are met:
50
51       capability
52              The key must have the `authentication' (`a') usage flag set.
53
54       validity
55              The key itself must be valid, i.e. it must be  well-formed,  not
56              expired, and not revoked.
57
58       certification
59              The relevant user ID must be signed by a trusted identity certi‐
60              fier.
61
62

HOST IDENTIFICATION

64       The OpenPGP keys for hosts have  associated  `service  names`  (OpenPGP
65       user  IDs)  that are based on URI specifications for the service.  Some
66       examples:
67
68       ssh:   ssh://host.example.com[:port]
69
70       https: https://host.example.com[:port]
71
72

AUTHOR

74       Written by: Jameson Rollins <jrollins@finestructure.net>,  Daniel  Kahn
75       Gillmor <dkg@fifthhorseman.net>
76
77

SEE ALSO

79       monkeysphere(1),  monkeysphere-host(8), monkeysphere-authentication(8),
80       openpgp2ssh(1),                 pem2openpgp(1),                 gpg(1),
81       http://tools.ietf.org/html/rfc4880,                             ssh(1),
82       http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/
83
84
85
86monkeysphere                      March 2010                   MONKEYSPHERE(7)
Impressum