Difference between revisions of "Monkeysphere"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Mutantmonkey
 
(5 intermediate revisions by 5 users not shown)
Line 1: Line 1:
'''The Monkeysphere Project''' is an open-source project to extend the web of trust found in GnuPG and OpenPGP to securely identify servers we connect to. It's designed as a potential solution to eliminate reliance on the certificate authorities found with SSL and make host key checking with OpenSSH much more convenient.
+
'''The Monkeysphere Project''' is an open-source project to extend the web of trust found in GnuPG and OpenPGP to securely identify servers we connect to. It is designed as a potential solution to eliminate reliance on the certificate authorities found with SSL and make host key checking with OpenSSH much more convenient.
  
The [[VTLUUG]] currently has SSH host keys available in the Monkeysphere for [[acidburn]], [[milton]], and [[wood]]. There are also HTTPS host keys available for <code>gobblerpedia.org</code>, <code>uniluug.org</code>, <code>vtluug.org</code>, and <code>wargame.vtluug.org</code>. These keys are signed by [[User:mutantmonkey|mutantmonkey]].
+
==Script Installation==
 
 
==Installation==
 
 
{{Template:Version|Ubuntu 10.04}}
 
{{Template:Version|Ubuntu 10.04}}
  
Line 21: Line 19:
 
</pre>
 
</pre>
  
 +
==Browser Plugin Installation==
 
Next, download, compile and install the browser plugin with git.
 
Next, download, compile and install the browser plugin with git.
 
<pre>
 
<pre>
Line 36: Line 35:
 
==External links==
 
==External links==
 
* [http://web.monkeysphere.info/ The Monkeysphere Project]
 
* [http://web.monkeysphere.info/ The Monkeysphere Project]
 +
 +
[[Category:Howtos]]
 +
[[Category:Scripts]]
 +
[[Category:Software]]

Latest revision as of 22:46, 3 January 2019

The Monkeysphere Project is an open-source project to extend the web of trust found in GnuPG and OpenPGP to securely identify servers we connect to. It is designed as a potential solution to eliminate reliance on the certificate authorities found with SSL and make host key checking with OpenSSH much more convenient.

Script Installation

The following instructions were written for Ubuntu 10.04 and may not work on other platforms or versions. If you would like to see additional coverage, please add it yourself or make a request on the wiki's wanted page.

Add the Monkeysphere APT repository to /etc/apt/sources.list.

echo 'deb http://archive.monkeysphere.info/debian experimental monkeysphere
deb-src http://archive.monkeysphere.info/debian experimental monkeysphere' | sudo tee -a /etc/apt/sources.list

Then trust the Monkeysphere key after verification.

Now make sure that apt is up to date, install the Monkeysphere packages, and configure Monkeysphere to run.

$ sudo apt-get update
$ sudo apt-get install monkeysphere monkeysphere-validation-agent
$ echo 'USE_VALIDATION_AGENT=true' >> ~/.monkeysphere/monkeysphere.conf

Browser Plugin Installation

Next, download, compile and install the browser plugin with git.

$ git clone git://git.monkeysphere.info/xul-ext-monkeysphere
$ cd xul-ext-monkeysphere
$ make

To install the plugin, open the .xul file in your browser and choose the install option.

Lastly, log out and log back in to have the Monkeysphere validation agent launch automatically.

To test, try navigating to https://vtluug.org without the self-signed certificate trusted. A monkey icon in the bottom left should spin as the trust is checked. Eventually, the certificate warning page should be bypassed if the certificate can be authenticated through the web of trust. Otherwise, the monkey face will be crossed out with red.

External links