1monkeysphere (0.42) unstable; urgency=medium 2 3 * bugfix release: 4 * use --send-keys instead of --send (closes: #908228) 5 * tests: Ensure that stale sockets don't fail socat (Closes: #899060) 6 * Remove deprecated option from test sshd config (Closes: #902320) 7 * write old-style PEM files to unbreak test suite (Closes: #909700) 8 * yet more colon fixes that escaped previous inspections 9 * fix more gnupg2 colons changes (Closes: #902367) 10 * Remove RSAAuthentication from test ssh config (Closes: #902318) 11 * clean up test suite failures when built against newer GnuPG 12 * use generic compiler (closes: #883015) 13 * make print_date_from_seconds_since_the_epoch deal better with bad input 14 15 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 16 Oct 2018 11:38:39 -0400 16 17monkeysphere (0.41) unstable; urgency=medium 18 19 * pem2openpgp now includes issuer fingerprint subpacket 20 in hashed self-sig, more compatible with GnuPG 2.1.16 21 (Closes: #846554) 22 * avoid blocking for entropy during test suite 23 (Closes: #841208) 24 * augment test suite for id certifier with a subkey, for better realism 25 * ensure that attempts to fetch primary key fingerprint only fetch 26 primary key fingerprint even if subkey fprs are emitted 27 (Closes: #846554) 28 * include $CPPFLAGS in agent-transfer build 29 30 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 12 Oct 2016 01:12:27 -0400 31 32monkeysphere (0.40) unstable; urgency=medium 33 34 * bugfix release: 35 * get tests to pass against GnuPG 2.1.15 36 * build more portably 37 38 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 12 Oct 2016 01:12:27 -0400 39 40monkeysphere (0.39) unstable; urgency=medium 41 42 * avoid warning about unused asprintf return value 43 * avoid treating src/share/common as an executable 44 * ensure that this works even if SYSSHAREDIR has whitespace 45 * Include local build of agent-transfer in $PATH (Closes: #835719) 46 * force bash as the shell during su (Closes: #827660) 47 48 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 30 Aug 2016 03:10:53 -0400 49 50monkeysphere (0.38) unstable; urgency=medium 51 52 * make tests work with modern gpg (2.1.x and later) as /usr/bin/gpg 53 * this introduces a new binary, agent-transfer, to transfer secret keys 54 from gpg-agent to ssh-agent. 55 56 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 17 May 2016 00:44:32 -0400 57 58monkeysphere (0.37) unstable; urgency=medium 59 60 * Bugfix release with minor improvements and dependency accomodations. 61 * Test openpgp2ssh functionality (closes MS #6524) 62 * use new GnuPG with-colons output 63 * accomodate changed behavior of ssh-keygen -F 64 * accomodate multiple AuthorizedKeysFile directives 65 * deal sanely with empty lines in authorized_user_ids (closes MS #6344) 66 * treat non-standard ports properly (closes MS #3402) 67 68 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 06 Aug 2014 13:23:04 -0400 69 70monkeysphere (0.36) unstable; urgency=low 71 72 * keytrans no longer confuses user IDs across different keys (closes MS 73 #2682) 74 * fetch all available keys from keyserver instead of first 5 (closes MS 75 #1046) 76 * enable openpgp2pem for keytrans (Closes: #698383) 77 * enable openpgp2spki as well 78 79 [ Jonas Smedegaard ] 80 * m-a gpg-cmd now takes its arguments as separate parameters, not as a 81 single string. 82 83 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 11 Jul 2013 13:19:45 -0400 84 85monkeysphere (0.35) upstream; 86 87 * Remove reference to USE_VALIDATION_AGENT. 88 * Fix ssh_proxycommand for marginal hosts (closes MS #2593) 89 * GnuPG should always behave as --fixed-list-mode (closes MS #2587) 90 91 -- Jameson Rollins <jrollins@finestructure.net> Fri, 29 Oct 2010 20:21:54 -0400 92 93monkeysphere (0.34) upstream; 94 95 * fix keys-for-user so that it outputs proper authorized_keys lines 96 (close MS #2550) 97 * refactor key processing for key files, greatly reducing redundant code 98 paths 99 * update authorized_keys and known_hosts in temp filess that are 100 atomically moved into place 101 * don't fail if authorized_keys file not already present (Closes: 600644) 102 * document CHECK_KEYSERVER in monkeysphere-authentication man page 103 (close MS #2556) 104 105 -- Jameson Rollins <jrollins@finestructure.net> Tue, 26 Oct 2010 10:27:01 -0400 106 107monkeysphere (0.33) upstream; 108 109 [ Daniel Kahn Gillmor ] 110 * defaulting MONKEYSPHERE_HASH_KNOWN_HOSTS to false 111 (closes MS #2483) 112 113 [ Jameson Rollins ] 114 * fix security vulnerability is parsing userids in 115 monkeysphere-authentication keys-for-user (Closes: #600304) 116 * fix failure after first invalid key in monkeysphere-authentication 117 keys-for-user (closes MS #2545) 118 * ignore command options in monkeysphere-authentication keys-for-user 119 120 -- Jameson Rollins <jrollins@finestructure.net> Fri, 15 Oct 2010 18:05:18 -0400 121 122monkeysphere (0.32) upstream; 123 124 [ Jameson Rollins ] 125 * Fix specification of install paths in all scripts and man pages 126 (closes MS #2491) 127 * Fix need for single argument to gpg_sphere (thanks Clint) 128 (closes MS #442) 129 * specify LC_ALL=C for all gpg calls 130 (closes MS #2496) 131 132 [ Micah Anderson ] 133 * fix monkeysphere-host revoke-key, which never worked properly :( 134 * add some debug output to monkeysphere-host publish-key 135 (closes MS #2289) 136 137 [ Clint Adams ] 138 * add support for options to the authorized User IDs file. Options that 139 should apply to keys for a given User ID should be on 140 whitespace-prefixed lines immediately following that User ID. 141 (closes MS #440) 142 143 -- Jameson Rollins <jrollins@finestructure.net> Wed, 06 Oct 2010 17:41:09 -0400 144 145monkeysphere (0.31) upstream; 146 147 [ Daniel Kahn Gillmor ] 148 * support x509 anchors for monkeysphere-host, allow shared anchor 149 between m-h and m-a (closes MS #2288) 150 * do not bail or fail on m-h publish-key if the admin interactively 151 declines to publish one of the keys key (closes MS #1945) 152 * report updated expiration date upon successful conclusion of m-h 153 set-expire (closes MS #2291) 154 * added some files in examples/ to demonstrate system integration 155 with OpenSSH 156 157 [ Jameson Rollins ] 158 * add keys-for-user subcommand to monkeysphere-authentication 159 160 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 15 Jul 2010 19:20:35 -0400 161 162monkeysphere (0.30) upstream; 163 164 * changing tarball creation and packaging strategies 165 * make non-ssh parts of monkeysphere work well when openssh is not 166 installed; degrade ssh-specific parts gracefully when openssh is not 167 installed. 168 169 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 17 Apr 2010 16:46:52 -0400 170 171monkeysphere (0.29) upstream; 172 173 * This is mainly a bugfix release 174 * Fix man page typo about monkeysphere authorized_keys location 175 * Monkeysphere should work properly even if the user has "armor" in 176 their gpg.conf (closes MS #1625) 177 * monkeysphere keys-for-userid now respects MONKEYSPHERE_CHECK_KEYSERVER 178 environment variable (and defaults to true) 179 * introduce monkeysphere sshfprs-for-userid (deprecates sshfpr), closes 180 MS #1436 181 * respect CHECK_KEYSERVER in more places (closes MS #1997) 182 * warn on keyserver failures for monkeysphere-authentication (closes MS 183 #1750) 184 * avoid checking trustdb for monkeysphere-host (closes MS #1957) 185 * allow monkeysphere-authentication to use hkps with trusted X.509 root 186 certificate authorities in 187 /etc/monkeysphere/monkeysphere-authentication-x509-anchors.crt 188 189 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 14 Mar 2010 21:00:47 -0400 190 191monkeysphere (0.28) upstream; 192 193 * Major rework of monkeysphere-host to handle multiple host keys. We 194 also no longer assume ssh service keys. monkeysphere-host is now a 195 general-purpose host service OpenPGP key management UI. 196 * Rename keys-from-userid command to more accurate keys-for-userid 197 * separate upstream and debian changelogs 198 199 -- Jameson Rollins <jrollins@finestructure.net> Tue, 19 Jan 2010 13:50:31 -0500 200 201monkeysphere (0.27) upstream; 202 203 * fixed monkeysphere gen-subkey subcommand that was erroneously creating 204 DSA subkeys due to unannounced change in gpg edit-key UI. Now tests 205 for gpg version (closes MS #1536) 206 * add new monkeysphere keys-from-userid subcommand to output all 207 acceptable keys for a given user ID literal 208 209 -- Jameson Rollins <jrollins@finestructure.net> Mon, 11 Jan 2010 20:54:21 -0500 210 211monkeysphere (0.26) upstream; 212 213 * add 'refresh-keys' subcommand to monkeysphere-authentication 214 * improve marginal UI (closes MS #1141) 215 * add MONKEYSPHERE_STRICT_MODES configuration to avoid 216 permission-checking (closes MS #649) 217 * test scripts use STRICT_MODES to avoid failure when built under /tmp 218 * do permissions checks with a perl script instead of non-portable 219 readlink GNUisms 220 * bail on permissions check if we hit the home directory (helpful on Mac 221 OS and other systems with loose /home or /Users (closes MS #675) 222 223 -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 01 Aug 2009 17:11:05 -0400 224 225monkeysphere (0.25) upstream; 226 227 * New upstream release: 228 * update/fix the marginal ui output 229 * use msmktempdir everywhere (avoid unwrapped calls to mktemp for 230 portability) 231 * clean out some redundant "cat"s 232 * fix monkeysphere update-known_hosts for sshd running on non-standard 233 ports 234 * add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key 235 * pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1 236 (changes dependency to libdigest-sha-perl) 237 * some portability improvements 238 * properly handle translation of keys with fingerprints with leading 239 all-zero bytes. 240 * resolve symlinks when checking paths (thanks Silvio Rhatto) 241 (closes MS #917) 242 * explicitly set and use MONKEYSPHERE_GROUP from system "groups" 243 * monkeysphere-host now uses keytrans to add and revoke hostname 244 (closes MS #422) 245 246 -- Jameson Graef Rollins <jrollins@finestructure.net> Thu, 16 Jul 2009 22:09:19 -0400 247 248monkeysphere (0.24) upstream; 249 250 * fixed how version information is stored/retrieved 251 * now uses perl-based keytrans for both pem2openpgp and openpgp2ssh 252 * no longer needs base64 in PATH 253 * added "test" make target 254 * improved transitions/0.23 script so it no longer fails in common 255 circumstances (Closes: #517779) 256 * RSA only: no longer handles DSA keys 257 * added ability to specify subkeys to add to ssh agent with new 258 MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable 259 260 -- Jameson Graef Rollins <jrollins@finestructure.net> Tue, 03 Mar 2009 19:38:33 -0500 261 262monkeysphere (0.23) upstream; 263 264 "The Golden Bezoar Release" 265 266 * rearchitect UI: 267 - replace monkeysphere-server with monkeysphere-{authentication,host} 268 - fold monkeysphere-ssh-proxycommand into /usr/bin/monkeysphere 269 * new ability to import existing ssh host key into monkeysphere. So now 270 m-a import-key replaces m-s gen-key. 271 * provide pem2openpgp for translating unencrypted PEM-encoded raw key 272 material into OpenPGP keys (introduces new perl dependencies) 273 * get rid of getopts dependency 274 * added version output option 275 * better checks for the existence of a host private key for 276 monkeysphere-host subcommands that need it. 277 * better checks on validity of existing authentication subkeys when 278 doing monkeysphere gen_subkey. 279 * add transition infrastructure for major changes between releases (see 280 transitions/README.txt) 281 * implement and document two new monkeysphere-host subcommands: 282 revoke-key and add-revoker 283 284 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2009 17:51:06 -0500 285 286monkeysphere (0.22) upstream; 287 288 [ Jameson Graef Rollins ] 289 * added info log output when a new key is added to known_hosts file. 290 * added some useful output to the ssh-proxycommand for "marginal" cases 291 where keys are found for host but do not have full validity. 292 * force ssh-keygen to read from stdin to get ssh key fingerprint. 293 294 [ Daniel Kahn Gillmor ] 295 * automatically output two copies of the host's public key: one standard 296 ssh public key file, and the other a minimal OpenPGP key with just the 297 latest valid self-sig. 298 * debian/control: corrected alternate dependency from procfile to 299 procmail (which provides /usr/bin/lockfile) 300 301 -- Jameson Graef Rollins <jrollins@finestructure.net> Fri, 28 Nov 2008 14:23:31 -0500 302 303monkeysphere (0.21) upstream; 304 305 * move debian packaging to packaging subdirectory. 306 307 -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 15 Nov 2008 16:14:27 -0500 308 309monkeysphere (0.20) upstream; 310 311 [ Daniel Kahn Gillmor ] 312 * ensure that tempdirs are properly created, bail out otherwise instead 313 of stumbling ahead. 314 * minor fussing with the test script to make it cleaner. 315 316 [ Jameson Graef Rollins ] 317 * clean up Makefile to generate more elegant source tarballs. 318 * make myself the maintainer. 319 320 -- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 15 Nov 2008 13:12:57 -0500 321 322monkeysphere (0.19) experimental; urgency=low 323 324 [ Daniel Kahn Gillmor ] 325 * simulating an X11 session in the test script. 326 * updated packaging so that symlinks to config files are correct. 327 328 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2008 02:47:49 -0400 329 330monkeysphere (0.18) experimental; urgency=low 331 332 [ Jameson Graef Rollins ] 333 * Fix bugs in authorized_{user_ids,keys} file permission checking. 334 * Add new monkeysphere tmpdir to enable atomic moves of authorized_keys 335 files. 336 * chown authorized_keys files to `whoami`, for compatibility with test 337 suite. 338 * major improvements to test suite, added more tests. 339 340 [ Daniel Kahn Gillmor ] 341 * update make install to ensure placement of 342 /etc/monkeysphere/gnupg-{host,authentication}.conf 343 * choose either --quick-random or --debug-quick-random depending on 344 which gpg supports for the test suite. 345 346 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2008 00:41:38 -0400 347 348monkeysphere (0.17) experimental; urgency=low 349 350 [ Jameson Graef Rollins ] 351 * Fix some bugs in, and cleanup, authorized_keys file creation in 352 monkeysphere-server update-users. 353 * Move to using the empty string for not adding a user-controlled 354 authorized_keys file in the RAW_AUTHORIZED_KEYS variable. 355 356 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 28 Oct 2008 02:04:22 -0400 357 358monkeysphere (0.16) experimental; urgency=low 359 360 [ Daniel Kahn Gillmor ] 361 * replaced "#!/bin/bash" with "#!/usr/bin/env bash" for better 362 portability. 363 * fixed busted lockfile arrangement, where empty file was being locked 364 * portability fixes in the way we use date, mktemp, hostname, su 365 * stop using /usr/bin/stat, since the syntax appears to be totally 366 unportable 367 * require GNU getopt, and test for getopt failures (look for getopt in 368 /usr/local/bin first, since that's where FreeBSD's GNU-compatible 369 getopt lives. 370 * monkeysphere-server diagnostics now counts problems and suggests a 371 re-run after they have been resolved. 372 * completed basic test suite: this can be run from the git sources or 373 the tarball with: cd tests && ./basic 374 375 [ Jameson Graef Rollins ] 376 * Genericize fs location variables. 377 * break out gpg.conf files into SYSCONFIGDIR, and not auto-generated at 378 install. 379 380 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 26 Oct 2008 03:06:18 -0400 381 382monkeysphere (0.15) experimental; urgency=low 383 384 * porting work and packaging simplification: clarifying makefiles, 385 pruning dependencies, etc. 386 * added tests to monkeysphere-server diagnostics 387 * moved monkeysphere(5) to section 7 of the manual 388 * now shipping TODO in /usr/share/doc/monkeysphere 389 390 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 04 Sep 2008 19:08:40 -0400 391 392monkeysphere (0.14) experimental; urgency=low 393 394 * changing debian packaging back to format 1.0 so we get automatic 395 tarballs, and easier inclusion in other build networks. 396 * no other source changes. 397 398 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 04 Sep 2008 13:03:35 -0400 399 400monkeysphere (0.13) experimental; urgency=low 401 402 [ Daniel Kahn Gillmor ] 403 * tweaks in /usr/bin/monkeysphere to handle odd secret keyrings. 404 * updated makefile to reflect the package building technique we've been 405 using for a month now. 406 407 [ Jameson Graef Rollins ] 408 * move location of user config directory to ~/.monkeysphere. 409 410 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 Sep 2008 17:26:10 -0400 411 412monkeysphere (0.12) experimental; urgency=low 413 414 [ Jameson Graef Rollins ] 415 * Improved output handling. New LOG_LEVEL variable. 416 417 [ Daniel Kahn Gillmor ] 418 * debian/control: switched Homepage: and Vcs-Git: to canonicalized 419 upstream hostnames. 420 * updated documentation for new release. 421 * changed my associated e-mail address for this package. 422 423 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 02 Sep 2008 18:54:29 -0400 424 425monkeysphere (0.11) experimental; urgency=low 426 427 [ Jameson Graef Rollins ] 428 * fix bug in trustdb update on add/revoke-hostname. 429 430 [ Daniel Kahn Gillmor ] 431 * debian/control: added Build-Depends: git-core for the new packaging 432 format 433 * new subcommand: monkeysphere subkey-to-ssh-agent (relies on a patched 434 GnuTLS to deal with GPG's gnu-dummy S2K extension, but fails cleanly 435 if not found). 436 437 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Wed, 20 Aug 2008 11:24:35 -0400 438 439monkeysphere (0.10) experimental; urgency=low 440 441 [ Jameson Graef Rollins ] 442 * brown paper bag release: invert test on calculated validity of keys. 443 444 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 18 Aug 2008 16:22:34 -0400 445 446monkeysphere (0.9) experimental; urgency=low 447 448 [ Daniel Kahn Gillmor ] 449 * implemented "monkeysphere-server extend-key" to adjust expiration 450 date of host key. 451 * removed "monkeysphere-server fingerprint". Use "monkeysphere-server 452 show-key" instead. 453 454 [ Jameson Graef Rollins ] 455 * fixed bug in user id processing that prevented bad primary keys from 456 being properly removed. 457 458 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 18 Aug 2008 15:42:12 -0400 459 460monkeysphere (0.8) experimental; urgency=low 461 462 [ Daniel Kahn Gillmor ] 463 * debian/control: switched Vcs-Git to use "centralized" git repo instead 464 of my own. 465 * More monkeysphere-server diagnostics 466 * monkeysphere --gen-subkey now guesses what KeyID you meant. 467 * added Recommends: ssh-askpass to ensure monkeysphere --gen-subkey 468 works sensibly under X11 469 470 [ Jameson Graef Rollins ] 471 * fix another bug when known_hosts files are missing. 472 * sort processed keys so that "good" keys are processed after "bad" 473 keys. This will prevent malicious bad keys from causing good keys to 474 be removed from key files. 475 * enabled host key publication. 476 * added checking of gpg.conf for keyserver 477 * new functions to add/revoke host key user IDs 478 * improved list-certifiers function (now non-privileged) 479 480 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 18 Aug 2008 12:43:37 -0400 481 482monkeysphere (0.7) experimental; urgency=low 483 484 [ Daniel Kahn Gillmor ] 485 * Added monkeysphere-server diagnostics subcommand. 486 * rebuilding package using Format: 3.0 (git) 487 488 [ Jameson Graef Rollins ] 489 * fix how check for file modification is done. 490 * rework out user id processing is done to provide more verbose log 491 output. 492 * fix bug in monkeysphpere update-authorized_keys subcommand where 493 disallowed keys failed to be remove from authorized_keys file. 494 495 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 04 Aug 2008 10:47:41 -0400 496 497monkeysphere (0.6) experimental; urgency=low 498 499 [ Jameson Graef Rollins ] 500 * Fix bug in return on error of ssh-proxycommand. 501 502 [ Daniel Kahn Gillmor ] 503 * try socat if netcat is not available in proxycommand. 504 505 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Tue, 29 Jul 2008 10:27:20 -0400 506 507monkeysphere (0.5) experimental; urgency=low 508 509 [ Daniel Kahn Gillmor ] 510 * updated READMEs to match current state of code 511 512 [ Jameson Graef Rollins ] 513 * Tweak how empty authorized_user_ids and known_hosts files are handled. 514 * Do not fail when authorized_user_ids or known_hosts file is not found. 515 516 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 28 Jul 2008 10:50:02 -0400 517 518monkeysphere (0.4) experimental; urgency=low 519 520 [ Daniel Kahn Gillmor ] 521 * New version. 522 * Fixed return code error in openpgp2ssh 523 524 [ Jameson Graef Rollins ] 525 * Privilege separation: use monkeysphere user to handle maintenance of 526 the gnupg authentication keychain for server. 527 * Improved certifier key management. 528 * Fixed variable scoping and config file precedence. 529 * Add options for key generation and add-certifier functions. 530 * Fix return codes for known_host and authorized_keys updating 531 functions. 532 * Add write permission check on authorized_keys, known_hosts, and 533 authorized_user_ids files. 534 535 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Tue, 22 Jul 2008 21:50:17 -0400 536 537monkeysphere (0.3) experimental; urgency=low 538 539 [ Daniel Kahn Gillmor ] 540 * new version. 541 542 [ Jameson Graef Rollins ] 543 * Move files in /var/cache/monkeysphere and GNUPGHOME for server to 544 the more appropriate /var/lib/monkeysphere. 545 546 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Tue, 24 Jun 2008 00:55:29 -0400 547 548monkeysphere (0.2) experimental; urgency=low 549 550 * added lockfile-progs dependency 551 552 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 23 Jun 2008 19:34:05 -0400 553 554monkeysphere (0.2) experimental; urgency=low 555 556 [ Daniel Kahn Gillmor ] 557 * openpgp2ssh now supports specifying keys by full fingerprint. 558 559 [ Jameson Graef Rollins ] 560 * Add AUTHORIZED_USER_IDS config variable for server, which defaults to 561 %h/.config/monkeysphere/authorized_user_ids, instead of 562 /etc/monkeysphere/authorized_user_ids. 563 * Remove {update,remove}-userids functions, since we decided they 564 weren't useful enough to be worth maintaining. 565 * Better handling of unknown users in server update-users 566 * Add file locking when modifying known_hosts or authorized_keys 567 * Better failure/prompting for gen-subkey 568 * Add ability to set any owner trust level for keys in server keychain. 569 570 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Mon, 23 Jun 2008 17:03:19 -0400 571 572monkeysphere (0.1) experimental; urgency=low 573 574 * First release of debian package for monkeysphere. 575 * This is experimental -- please report bugs! 576 577 -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Thu, 19 Jun 2008 00:34:53 -0400 578