Skip to content

use the OpenPGP web of trust to verify ssh connections

License

Notifications You must be signed in to change notification settings

dkg/monkeysphere

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

The Monkeysphere Project
------------------------

The Monkeysphere project's goal is to extend OpenPGP's web of trust to
new areas of the Internet to help us securely identify each other
while we work online.

Specifically, monkeysphere currently offers a framework to leverage
the OpenPGP web of trust for OpenSSH authentication.

In other words, it allows you to use secure shell as you normally do,
but to identify yourself and the servers you administer or connect to
with your OpenPGP keys. OpenPGP keys are tracked via GnuPG, and
monkeysphere manages the known_hosts and authorized_keys files used by
OpenSSH for authentication, checking them for cryptographic validity.

Dependencies
------------

Monkeysphere depends on:

 * GnuPG >= 2.1.11
 * Perl
 * Perl's Crypt::OpenSSL::RSA module
 * lockfile-progs or procmail's lockfile
 * Bash
 * OpenSSH's ssh-keygen utility (ideally >= 6.0)