/mandos/release : revision 237.7.290

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-keygen

Committer: Teddy Hogeborn
Date: 2015-03-10 18:03:38 UTC
mto: (237.7.304 trunk)
mto: This revision was merged to the branch mainline in revision 325.
Revision ID: teddy@recompile.se-20150310180338-pcxw6r2qmw9k6br9

Add ":!RSA" to GnuTLS priority string, to disallow non-DHE kx.

If Mandos was somehow made to use a non-ephemeral Diffie-Hellman key
exchange algorithm in the TLS handshake, any saved network traffic
could then be decrypted later if the Mandos client key was obtained.
By default, Mandos uses ephemeral DH key exchanges which does not have
this problem, but a non-ephemeral key exchange algorithm was still
enabled by default. The simplest solution is to simply turn that off,
which ensures that Mandos will always use ephemeral DH key exchanges.

There is a "PFS" priority string specifier, but we can't use it because:

1. Security-wise, it is a mix between "NORMAL" and "SECURE128" - it
enables a lot more algorithms than "SECURE256".

2. It is only available since GnuTLS 3.2.4.

Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.

files added:
debian/mandos-client.examples

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

intro.xml

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-keygen

# Mandos key generator - create a new OpenPGP key for a Mandos client

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@fukt.bsnet.se>.

# Contact the authors at <mandos@recompile.se>.

VERSION="1.3.0"

VERSION="1.6.9"

KEYDIR="/etc/keys/mandos"

KEYTYPE=DSA

KEYLENGTH=2048

SUBKEYTYPE=ELG-E

SUBKEYLENGTH=2048

KEYTYPE=RSA

KEYLENGTH=4096

SUBKEYTYPE=RSA

SUBKEYLENGTH=4096

KEYNAME="`hostname --fqdn 2>/dev/null || hostname`"

KEYEMAIL=""

KEYCOMMENT="Mandos client key"

KEYCOMMENT=""

KEYEXPIRE=0

FORCE=no

SSH=yes

KEYCOMMENT_ORIG="$KEYCOMMENT"

mode=keygen

# Parse options

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:f \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:fS \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force,no-ssh \

--name "$0" -- "$@"`

help(){

basename="`basename $0`"

basename="`basename "$0"`"

cat <<EOF

Usage: $basename [ -v | --version ]

$basename [ -h | --help ]

-v, --version Show program's version number and exit

-h, --help Show this help message and exit

-d DIR, --dir DIR Target directory for key files

-t TYPE, --type TYPE Key type. Default is DSA.

-t TYPE, --type TYPE Key type. Default is RSA.

-l BITS, --length BITS

Key length in bits. Default is 2048.

Key length in bits. Default is 4096.

-s TYPE, --subtype TYPE

Subkey type. Default is ELG-E.

Subkey type. Default is RSA.

-L BITS, --sublength BITS

Subkey length in bits. Default is 2048.

Subkey length in bits. Default is 4096.

-n NAME, --name NAME Name of key. Default is the FQDN.

-e ADDRESS, --email ADDRESS

Email address of key. Default is empty.

-c TEXT, --comment TEXT

Comment field for key. The default value is

"Mandos client key".

Comment field for key. The default is empty.

-x TIME, --expire TIME

Key expire time. Default is no expiration.

See gpg(1) for syntax.

Encrypt a password from FILE using the key in

the key directory. All options other than

--dir and --name are ignored.

-S, --no-ssh Don't get SSH key or set "checker" option.

EOF

}

104

105

-c|--comment) KEYCOMMENT="$2"; shift 2;;

105

106

-x|--expire) KEYEXPIRE="$2"; shift 2;;

106

107

-f|--force) FORCE=yes; shift;;

108

-S|--no-ssh) SSH=no; shift;;

107

109

-v|--version) echo "$0 $VERSION"; exit;;

108

110

-h|--help) help; exit;;

109

111

--) shift; break;;

111

113

esac

112

114

done

113

115

if [ "$#" -gt 0 ]; then

114

echo "Unknown arguments: '$@'" >&2

116

echo "Unknown arguments: '$*'" >&2

115

117

exit 1

116

118

117

119

189

191

trap "

190

192

set +e; \

191

193

test -n \"$SECFILE\" && shred --remove \"$SECFILE\"; \

192

shred --remove \"$RINGDIR\"/sec*;

194

shred --remove \"$RINGDIR\"/sec* 2>/dev/null;

193

195

test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \

194

196

rm --recursive --force \"$RINGDIR\";

195

stty echo; \

197

tty --quiet && stty echo; \

196

198

" EXIT

197

199

198

200

set -e

204

206

cat >"$BATCHFILE" <<-EOF

205

207

Key-Type: $KEYTYPE

206

208

Key-Length: $KEYLENGTH

207

#Key-Usage: encrypt,sign,auth

209

Key-Usage: sign,auth

208

210

Subkey-Type: $SUBKEYTYPE

209

211

Subkey-Length: $SUBKEYLENGTH

210

#Subkey-Usage: encrypt,sign,auth

212

Subkey-Usage: encrypt

211

213

Name-Real: $KEYNAME

212

214

$KEYCOMMENTLINE

213

215

$KEYEMAILLINE

229

231

date

230

232

231

233

234

# Make sure trustdb.gpg exists;

235

# this is a workaround for Debian bug #737128

236

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

237

--homedir "$RINGDIR" \

238

--import-ownertrust < /dev/null

232

239

# Generate a new key in the key rings

233

240

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

234

241

--homedir "$RINGDIR" --trust-model always \

270

277

271

278

272

279

if [ "$mode" = password ]; then

280

281

# Make SSH be 0 or 1

282

case "$SSH" in

283

[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) SSH=1;;

284

[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) SSH=0;;

285

esac

286

287

if [ $SSH -eq 1 ]; then

288

set +e

289

ssh_fingerprint="`ssh-keyscan localhost 2>/dev/null`"

290

if [ $? -ne 0 ]; then

291

ssh_fingerprint=""

292

293

set -e

294

ssh_fingerprint="${ssh_fingerprint#localhost }"

295

296

273

297

# Import key into temporary key rings

274

298

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

275

299

--homedir "$RINGDIR" --trust-model always --armor \

280

304

281

305

# Get fingerprint of key

282

306

FINGERPRINT="`gpg --quiet --batch --no-tty --no-options \

283

--enable-dsa2 --homedir \"$RINGDIR\" --trust-model always \

307

--enable-dsa2 --homedir "$RINGDIR" --trust-model always \

284

308

--fingerprint --with-colons \

285

309

| sed --quiet \

286

310

--expression='/^fpr:/{s/^fpr:.*:\$[0-9A-Z]*\$:\$/\\1/p;q}'`"

289

313

290

314

FILECOMMENT="Encrypted password for a Mandos client"

291

315

292

if [ -n "$PASSFILE" ]; then

293

cat "$PASSFILE"

294

else

295

stty -echo

296

echo -n "Enter passphrase: " >&2

297

first="$(head --lines=1 | tr --delete '\n')"

298

echo >&2

299

echo -n "Repeat passphrase: " >&2

300

second="$(head --lines=1 | tr --delete '\n')"

301

echo >&2

302

stty echo

303

if [ "$first" != "$second" ]; then

304

echo "Passphrase mismatch" >&2

305

touch "$RINGDIR"/mismatch

316

while [ ! -s "$SECFILE" ]; do

317

if [ -n "$PASSFILE" ]; then

318

cat "$PASSFILE"

306

319

else

307

echo -n "$first"

320

tty --quiet && stty -echo

321

echo -n "Enter passphrase: " >&2

322

read first

323

tty --quiet && echo >&2

324

echo -n "Repeat passphrase: " >&2

325

read second

326

if tty --quiet; then

327

echo >&2

328

stty echo

329

330

if [ "$first" != "$second" ]; then

331

echo "Passphrase mismatch" >&2

332

touch "$RINGDIR"/mismatch

333

else

334

echo -n "$first"

335

336

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

337

--homedir "$RINGDIR" --trust-model always --armor \

338

--encrypt --sign --recipient "$FINGERPRINT" --comment \

339

"$FILECOMMENT" > "$SECFILE"

340

if [ -e "$RINGDIR"/mismatch ]; then

341

rm --force "$RINGDIR"/mismatch

342

if tty --quiet; then

343

> "$SECFILE"

344

else

345

exit 1

346

308

347

309

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

310

--homedir "$RINGDIR" --trust-model always --armor --encrypt \

311

--sign --recipient "$FINGERPRINT" --comment "$FILECOMMENT" \

312

> "$SECFILE"

313

if [ -e "$RINGDIR"/mismatch ]; then

314

rm --force "$RINGDIR"/mismatch

315

exit 1

316

348

done

317

349

318

350

cat <<-EOF

319

351

[$KEYNAME]

330

362

/^[^-]/s/^/ /p

331

363

}

332

364

}' < "$SECFILE"

365

if [ -n "$ssh_fingerprint" ]; then

366

echo 'checker = ssh-keyscan %%(host)s 2>/dev/null | grep --fixed-strings --line-regexp --quiet --regexp=%%(host)s" %(ssh_fingerprint)s"'

367

echo "ssh_fingerprint = ${ssh_fingerprint}"

368

333

369

334

370

335

371

trap - EXIT

340

376

shred --remove "$SECFILE"

341

377

342

378

# Remove the key rings

343

shred --remove "$RINGDIR"/sec*

379

shred --remove "$RINGDIR"/sec* 2>/dev/null

344

380

rm --recursive --force "$RINGDIR"

Older »