/mandos/trunk : revision 742

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

Committer: Teddy Hogeborn
Date: 2015-03-10 18:03:38 UTC
Revision ID: teddy@recompile.se-20150310180338-pcxw6r2qmw9k6br9

Add ":!RSA" to GnuTLS priority string, to disallow non-DHE kx.

If Mandos was somehow made to use a non-ephemeral Diffie-Hellman key
exchange algorithm in the TLS handshake, any saved network traffic
could then be decrypted later if the Mandos client key was obtained.
By default, Mandos uses ephemeral DH key exchanges which does not have
this problem, but a non-ephemeral key exchange algorithm was still
enabled by default. The simplest solution is to simply turn that off,
which ensures that Mandos will always use ephemeral DH key exchanges.

There is a "PFS" priority string specifier, but we can't use it because:

1. Security-wise, it is a mix between "NORMAL" and "SECURE128" - it
enables a lot more algorithms than "SECURE256".

2. It is only available since GnuTLS 3.2.4.

Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.

files added:
DBUS-API

debian/mandos-client.examples

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

intro.xml

mandos-ctl.xml

mandos-monitor.xml

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugins.d/plymouth.c

plugins.d/plymouth.xml

files modified:
.bzrignore

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos-keygen

# Mandos key generator - create a new OpenPGP key for a Mandos client

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@fukt.bsnet.se>.

# Contact the authors at <mandos@recompile.se>.

VERSION="1.0.14"

VERSION="1.6.9"

KEYDIR="/etc/keys/mandos"

KEYTYPE=DSA

KEYLENGTH=2048

SUBKEYTYPE=ELG-E

SUBKEYLENGTH=2048

KEYTYPE=RSA

KEYLENGTH=4096

SUBKEYTYPE=RSA

SUBKEYLENGTH=4096

KEYNAME="`hostname --fqdn 2>/dev/null || hostname`"

KEYEMAIL=""

KEYCOMMENT="Mandos client key"

KEYCOMMENT=""

KEYEXPIRE=0

FORCE=no

SSH=yes

KEYCOMMENT_ORIG="$KEYCOMMENT"

mode=keygen

# Parse options

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:f \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:fS \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force,no-ssh \

--name "$0" -- "$@"`

help(){

basename="`basename $0`"

basename="`basename "$0"`"

cat <<EOF

Usage: $basename [ -v | --version ]

$basename [ -h | --help ]

-v, --version Show program's version number and exit

-h, --help Show this help message and exit

-d DIR, --dir DIR Target directory for key files

-t TYPE, --type TYPE Key type. Default is DSA.

-t TYPE, --type TYPE Key type. Default is RSA.

-l BITS, --length BITS

Key length in bits. Default is 2048.

Key length in bits. Default is 4096.

-s TYPE, --subtype TYPE

Subkey type. Default is ELG-E.

Subkey type. Default is RSA.

-L BITS, --sublength BITS

Subkey length in bits. Default is 2048.

Subkey length in bits. Default is 4096.

-n NAME, --name NAME Name of key. Default is the FQDN.

-e ADDRESS, --email ADDRESS

Email address of key. Default is empty.

-c TEXT, --comment TEXT

Comment field for key. The default value is

"Mandos client key".

Comment field for key. The default is empty.

-x TIME, --expire TIME

Key expire time. Default is no expiration.

See gpg(1) for syntax.

Encrypt a password from FILE using the key in

the key directory. All options other than

--dir and --name are ignored.

-S, --no-ssh Don't get SSH key or set "checker" option.

EOF

}

104

105

-c|--comment) KEYCOMMENT="$2"; shift 2;;

105

106

-x|--expire) KEYEXPIRE="$2"; shift 2;;

106

107

-f|--force) FORCE=yes; shift;;

108

-S|--no-ssh) SSH=no; shift;;

107

109

-v|--version) echo "$0 $VERSION"; exit;;

108

110

-h|--help) help; exit;;

109

111

--) shift; break;;

111

113

esac

112

114

done

113

115

if [ "$#" -gt 0 ]; then

114

echo "Unknown arguments: '$@'" >&2

116

echo "Unknown arguments: '$*'" >&2

115

117

exit 1

116

118

117

119

189

191

trap "

190

192

set +e; \

191

193

test -n \"$SECFILE\" && shred --remove \"$SECFILE\"; \

192

shred --remove \"$RINGDIR\"/sec*;

194

shred --remove \"$RINGDIR\"/sec* 2>/dev/null;

193

195

test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \

194

196

rm --recursive --force \"$RINGDIR\";

195

stty echo; \

197

tty --quiet && stty echo; \

196

198

" EXIT

197

199

200

set -e

201

198

202

umask 077

199

203

200

204

if [ "$mode" = keygen ]; then

202

206

cat >"$BATCHFILE" <<-EOF

203

207

Key-Type: $KEYTYPE

204

208

Key-Length: $KEYLENGTH

205

#Key-Usage: encrypt,sign,auth

209

Key-Usage: sign,auth

206

210

Subkey-Type: $SUBKEYTYPE

207

211

Subkey-Length: $SUBKEYLENGTH

208

#Subkey-Usage: encrypt,sign,auth

212

Subkey-Usage: encrypt

209

213

Name-Real: $KEYNAME

210

214

$KEYCOMMENTLINE

211

215

$KEYEMAILLINE

227

231

date

228

232

229

233

234

# Make sure trustdb.gpg exists;

235

# this is a workaround for Debian bug #737128

236

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

237

--homedir "$RINGDIR" \

238

--import-ownertrust < /dev/null

230

239

# Generate a new key in the key rings

231

240

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

232

241

--homedir "$RINGDIR" --trust-model always \

268

277

269

278

270

279

if [ "$mode" = password ]; then

280

281

# Make SSH be 0 or 1

282

case "$SSH" in

283

[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) SSH=1;;

284

[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) SSH=0;;

285

esac

286

287

if [ $SSH -eq 1 ]; then

288

set +e

289

ssh_fingerprint="`ssh-keyscan localhost 2>/dev/null`"

290

if [ $? -ne 0 ]; then

291

ssh_fingerprint=""

292

293

set -e

294

ssh_fingerprint="${ssh_fingerprint#localhost }"

295

296

271

297

# Import key into temporary key rings

272

298

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

273

299

--homedir "$RINGDIR" --trust-model always --armor \

278

304

279

305

# Get fingerprint of key

280

306

FINGERPRINT="`gpg --quiet --batch --no-tty --no-options \

281

--enable-dsa2 --homedir \"$RINGDIR\" --trust-model always \

307

--enable-dsa2 --homedir "$RINGDIR" --trust-model always \

282

308

--fingerprint --with-colons \

283

309

| sed --quiet \

284

310

--expression='/^fpr:/{s/^fpr:.*:\$[0-9A-Z]*\$:\$/\\1/p;q}'`"

287

313

288

314

FILECOMMENT="Encrypted password for a Mandos client"

289

315

290

if [ -n "$PASSFILE" ]; then

291

cat "$PASSFILE"

292

else

293

stty -echo

294

echo -n "Enter passphrase: " >&2

295

first="$(head --lines=1 | tr --delete '\n')"

296

echo -n -e "\nRepeat passphrase: " >&2

297

second="$(head --lines=1 | tr --delete '\n')"

298

echo >&2

299

stty echo

300

if [ "$first" != "$second" ]; then

301

echo -e "Passphrase mismatch" >&2

302

touch "$RINGDIR"/mismatch

316

while [ ! -s "$SECFILE" ]; do

317

if [ -n "$PASSFILE" ]; then

318

cat "$PASSFILE"

303

319

else

304

echo -n "$first"

320

tty --quiet && stty -echo

321

echo -n "Enter passphrase: " >&2

322

read first

323

tty --quiet && echo >&2

324

echo -n "Repeat passphrase: " >&2

325

read second

326

if tty --quiet; then

327

echo >&2

328

stty echo

329

330

if [ "$first" != "$second" ]; then

331

echo "Passphrase mismatch" >&2

332

touch "$RINGDIR"/mismatch

333

else

334

echo -n "$first"

335

336

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

337

--homedir "$RINGDIR" --trust-model always --armor \

338

--encrypt --sign --recipient "$FINGERPRINT" --comment \

339

"$FILECOMMENT" > "$SECFILE"

340

if [ -e "$RINGDIR"/mismatch ]; then

341

rm --force "$RINGDIR"/mismatch

342

if tty --quiet; then

343

> "$SECFILE"

344

else

345

exit 1

346

305

347

306

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

307

--homedir "$RINGDIR" --trust-model always --armor --encrypt \

308

--sign --recipient "$FINGERPRINT" --comment "$FILECOMMENT" \

309

> "$SECFILE"

310

if [ -e "$RINGDIR"/mismatch ]; then

311

rm --force "$RINGDIR"/mismatch

312

exit 1

313

348

done

314

349

315

350

cat <<-EOF

316

351

[$KEYNAME]

327

362

/^[^-]/s/^/ /p

328

363

}

329

364

}' < "$SECFILE"

365

if [ -n "$ssh_fingerprint" ]; then

366

echo 'checker = ssh-keyscan %%(host)s 2>/dev/null | grep --fixed-strings --line-regexp --quiet --regexp=%%(host)s" %(ssh_fingerprint)s"'

367

echo "ssh_fingerprint = ${ssh_fingerprint}"

368

330

369

331

370

332

371

trap - EXIT

337

376

shred --remove "$SECFILE"

338

377

339

378

# Remove the key rings

340

shred --remove "$RINGDIR"/sec*

379

shred --remove "$RINGDIR"/sec* 2>/dev/null

341

380

rm --recursive --force "$RINGDIR"

Older »