Accepted monkeysphere 0.24-1~bpo50+1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 17 Mar 2009 04:08:08 +0000
Source: monkeysphere
Binary: monkeysphere
Architecture: source all
Version: 0.24-1~bpo50+1
Distribution: lenny-backports
Urgency: low
Maintainer: Jameson Graef Rollins <jrollins@finestructure.net>
Changed-By: Micah Anderson <micah@debian.org>
Description:
monkeysphere - use the OpenPGP web of trust to verify ssh connections
Closes: 505806 517779
Changes:
monkeysphere (0.24-1~bpo50+1) lenny-backports; urgency=low
.
* Backport squeeze version for backports.org (no changes)
.
monkeysphere (0.24-1) unstable; urgency=low
.
* New upstream release:
- fixed how version information is stored/retrieved
- now uses perl-based keytrans for both pem2openpgp and openpgp2ssh
- no longer needs base64 in PATH
- added "test" make target
- improved transitions/0.23 script so it no longer fails in common
circumstances (Closes: #517779)
- RSA only: no longer handles DSA keys
- added ability to specify subkeys to add to ssh agent with
new MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable
* update/cleanup maintainer scripts
* remove GnuTLS dependency
* remove versioned coreutils | base64 dependency
* added Build-Deps for dh_autotest
* switch to Architecture: all
* added cron to Recommends
.
monkeysphere (0.23.1-1) unstable; urgency=low
.
* New Upstrem "Brown Paper Bag" Release:
- adjusts internal version numbers
.
monkeysphere (0.23-1) unstable; urgency=low
.
"The Golden Bezoar Release"
.
* New upstream release.
* rearchitect UI:
- replace monkeysphere-server with monkeysphere-{authentication,host}
- fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere
.
* new ability to import existing ssh host key into monkeysphere. So now
m-a import-key replaces m-s gen-key.
* provide pem2openpgp for translating unencrypted PEM-encoded raw key
material into OpenPGP keys (introduces new perl dependencies)
* get rid of getopts dependency
* added version output option
* better checks for the existence of a host private key for
monkeysphere-host subcommands that need it.
* better checks on validity of existing authentication subkeys when
doing monkeysphere gen_subkey.
* add transition infrastructure for major changes between releases (see
transitions/README.txt)
* implement and document two new monkeysphere-host subcommands:
revoke-key and add-revoker
.
monkeysphere (0.22-1) unstable; urgency=low
.
* New upstream release:
[ Jameson Graef Rollins ]
.
- added info log output when a new key is added to known_hosts file.
- added some useful output to the ssh-proxycommand for "marginal"
cases where keys are found for host but do not have full validity.
- force ssh-keygen to read from stdin to get ssh key fingerprint.
.
[ Daniel Kahn Gillmor ]
.
- automatically output two copies of the host's public key: one
standard ssh public key file, and the other a minimal OpenPGP key with
just the latest valid self-sig.
- debian/control: corrected alternate dependency from procfile to
procmail (which provides /usr/bin/lockfile)
.
monkeysphere (0.21-2) unstable; urgency=low
.
* actually rmdir /var/lib/monkeysphere-* during prerm if possible.
.
monkeysphere (0.21-1) unstable; urgency=low
.
* New upstream release:
- move debian packaging to packaging subdirectory.
* Add debian prerm script, and add debhelper lines to other install
scripts.
* Initial release to Debian (Closes: #505806)
.
monkeysphere (0.20-1) unstable; urgency=low
.
[ Daniel Kahn Gillmor ]
* ensure that tempdirs are properly created, bail out otherwise instead
of stumbling ahead.
* minor fussing with the test script to make it cleaner.
.
[ Jameson Graef Rollins ]
* clean up Makefile to generate more elegant source tarballs.
* make myself the maintainer.
.
monkeysphere (0.19-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* simulating an X11 session in the test script.
* updated packaging so that symlinks to config files are correct.
.
monkeysphere (0.18-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* Fix bugs in authorized_{user_ids,keys} file permission checking.
* Add new monkeysphere tmpdir to enable atomic moves of authorized_keys
files.
* chown authorized_keys files to `whoami`, for compatibility with test
suite.
* major improvements to test suite, added more tests.
.
[ Daniel Kahn Gillmor ]
* update make install to ensure placement of
/etc/monkeysphere/gnupg-{host,authentication}.conf
* choose either --quick-random or --debug-quick-random depending on
which gpg supports for the test suite.
.
monkeysphere (0.17-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* Fix some bugs in, and cleanup, authorized_keys file creation in
monkeysphere-server update-users.
* Move to using the empty string for not adding a user-controlled
authorized_keys file in the RAW_AUTHORIZED_KEYS variable.
.
monkeysphere (0.16-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* replaced "#!/bin/bash" with "#!/usr/bin/env bash" for better
portability.
* fixed busted lockfile arrangement, where empty file was being locked
* portability fixes in the way we use date, mktemp, hostname, su
* stop using /usr/bin/stat, since the syntax appears to be totally
unportable
* require GNU getopt, and test for getopt failures (look for getopt in
/usr/local/bin first, since that's where FreeBSD's GNU-compatible
getopt lives.
* monkeysphere-server diagnostics now counts problems and suggests a
re-run after they have been resolved.
* completed basic test suite: this can be run from the git sources or
the tarball with: cd tests && ./basic
.
[ Jameson Graef Rollins ]
* Genericize fs location variables.
* break out gpg.conf files into SYSCONFIGDIR, and not auto-generated at
install.
.
monkeysphere (0.15-1) experimental; urgency=low
.
* porting work and packaging simplification: clarifying makefiles,
pruning dependencies, etc.
* added tests to monkeysphere-server diagnostics
* moved monkeysphere(5) to section 7 of the manual
* now shipping TODO in /usr/share/doc/monkeysphere
.
monkeysphere (0.14-1) experimental; urgency=low
.
* changing debian packaging back to format 1.0 so we get automatic
tarballs, and easier inclusion in other build networks.
* no other source changes.
.
monkeysphere (0.13-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* tweaks in /usr/bin/monkeysphere to handle odd secret keyrings.
* updated makefile to reflect the package building technique we've been
using for a month now.
.
[ Jameson Graef Rollins ]
* move location of user config directory to ~/.monkeysphere.
.
monkeysphere (0.12-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* Improved output handling. New LOG_LEVEL variable.
.
[ Daniel Kahn Gillmor ]
* debian/control: switched Homepage: and Vcs-Git: to canonicalized
upstream hostnames.
* updated documentation for new release.
* changed my associated e-mail address for this package.
.
monkeysphere (0.11-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* fix bug in trustdb update on add/revoke-hostname.
.
[ Daniel Kahn Gillmor ]
* debian/control: added Build-Depends: git-core for the new packaging
format
* new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched
GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly
if not found).
.
monkeysphere (0.10-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* brown paper bag release: invert test on calculated validity of keys.
.
monkeysphere (0.9-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* implemented "monkeysphere-server extend-key" to adjust expiration
date of host key.
* removed "monkeysphere-server fingerprint". Use "monkeysphere-server
show-key" instead.
.
[ Jameson Graef Rollins ]
* fixed bug in user id processing that prevented bad primary keys from
being properly removed.
.
monkeysphere (0.8-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* debian/control: switched Vcs-Git to use "centralized" git repo instead
of my own.
* More monkeysphere-server diagnostics
* monkeysphere --gen-subkey now guesses what KeyID you meant.
* added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey
works sensibly under X11
.
[ Jameson Graef Rollins ]
* fix another bug when known_hosts files are missing.
* sort processed keys so that "good" keys are processed after "bad"
keys. This will prevent malicious bad keys from causing good keys to
be removed from key files.
* enabled host key publication.
* added checking of gpg.conf for keyserver
* new functions to add/revoke host key user IDs
* improved list-certifiers function (now non-privileged)
.
monkeysphere (0.7-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* Added monkeysphere-server diagnostics subcommand.
* rebuilding package using Format: 3.0 (git)
.
[ Jameson Graef Rollins ]
* fix how check for file modification is done.
* rework out user id processing is done to provide more verbose log
output.
* fix bug in monkeysphpere update-authorized_keys subcommand where
disallowed keys failed to be remove from authorized_keys file.
.
monkeysphere (0.6-1) experimental; urgency=low
.
[ Jameson Graef Rollins ]
* Fix bug in return on error of ssh-proxycommand.
.
[ Daniel Kahn Gillmor ]
* try socat if netcat is not available in proxycommand.
.
monkeysphere (0.5-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* updated READMEs to match current state of code
.
[ Jameson Graef Rollins ]
* Tweak how empty authorized_user_ids and known_hosts files are handled.
* Do not fail when authorized_user_ids or known_hosts file is not found.
.
monkeysphere (0.4-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* New version.
* Fixed return code error in openpgp2ssh
.
[ Jameson Graef Rollins ]
* Privilege separation: use monkeysphere user to handle maintenance of
the gnupg authentication keychain for server.
* Improved certifier key management.
* Fixed variable scoping and config file precedence.
* Add options for key generation and add-certifier functions.
* Fix return codes for known_host and authorized_keys updating
functions.
* Add write permission check on authorized_keys, known_hosts, and
authorized_user_ids files.
.
monkeysphere (0.3-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* new version.
.
[ Jameson Graef Rollins ]
* Move files in /var/cache/monkeysphere and GNUPGHOME for server to
the more appropriate /var/lib/monkeysphere.
.
monkeysphere (0.2-2) experimental; urgency=low
.
* added lockfile-progs dependency
.
monkeysphere (0.2-1) experimental; urgency=low
.
[ Daniel Kahn Gillmor ]
* openpgp2ssh now supports specifying keys by full fingerprint.
.
[ Jameson Graef Rollins ]
* Add AUTHORIZED_USER_IDS config variable for server, which defaults to
%h/.config/monkeysphere/authorized_user_ids, instead of
/etc/monkeysphere/authorized_user_ids.
* Remove {update,remove}-userids functions, since we decided they
weren't useful enough to be worth maintaining.
* Better handling of unknown users in server update-users
* Add file locking when modifying known_hosts or authorized_keys
* Better failure/prompting for gen-subkey
* Add ability to set any owner trust level for keys in server keychain.
Checksums-Sha1:
46bb85516deab1e5e9707d3f6d2a70f541b13b51 1297 monkeysphere_0.24-1~bpo50+1.dsc
45b26ada094705e56eeff1117a28162e04226cc7 86044 monkeysphere_0.24.orig.tar.gz
866f9fbca86ddc28e25e8ff3d424c18b880d907f 6931 monkeysphere_0.24-1~bpo50+1.diff.gz
739e6bc5a5c4a9ae9b7d0c53c900ca5fa2561cfd 70314 monkeysphere_0.24-1~bpo50+1_all.deb
Checksums-Sha256:
b60372bf2ac41551a883fc5959bb5575d5920c131496fe46a436bb13ec625736 1297 monkeysphere_0.24-1~bpo50+1.dsc
2a58cee998ddb1b21b953826fc746a743e17d94e6fa34ac9cbee4262873b5c5f 86044 monkeysphere_0.24.orig.tar.gz
e8317720b8619135ddbc7902cfb50abde791e52c47bebfbfeef4a06fe3a5342e 6931 monkeysphere_0.24-1~bpo50+1.diff.gz
3b8bc2b4ef260ddc3e3c321d5d4dd7d52409b5986929c30845403b0ec261cd8f 70314 monkeysphere_0.24-1~bpo50+1_all.deb
Files:
101299e4e97c1f2822dff70f290686f0 1297 net extra monkeysphere_0.24-1~bpo50+1.dsc
8590532f4702fa44027a6a583657c9ef 86044 net extra monkeysphere_0.24.orig.tar.gz
13900228f2321c822233ba1914ee953c 6931 net extra monkeysphere_0.24-1~bpo50+1.diff.gz
7e05e2ba8ba02702b0422e9db00ab5f4 70314 net extra monkeysphere_0.24-1~bpo50+1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkm/I7QACgkQ9n4qXRzy1ir0WgCfSoZwFsTFEZeTybJM8y2ymvst
qOAAn081ZtTlrsHodetWKq+tS750tFxt
=t3lu
-----END PGP SIGNATURE-----
Accepted:
monkeysphere_0.24-1~bpo50+1.diff.gz
to pool/main/m/monkeysphere/monkeysphere_0.24-1~bpo50+1.diff.gz
monkeysphere_0.24-1~bpo50+1.dsc
to pool/main/m/monkeysphere/monkeysphere_0.24-1~bpo50+1.dsc
monkeysphere_0.24-1~bpo50+1_all.deb
to pool/main/m/monkeysphere/monkeysphere_0.24-1~bpo50+1_all.deb
monkeysphere_0.24.orig.tar.gz
to pool/main/m/monkeysphere/monkeysphere_0.24.orig.tar.gz
Reply to: