       monkeysphere  -  ssh and TLS authentication framework using OpenPGP Web
       of Trust


       Monkeysphere is a framework to leverage the OpenPGP web  of  trust  for
       OpenSSH and TLS key-based authentication.  OpenPGP keys are tracked via
       GnuPG, and added to the authorized_keys and known_hosts files  used  by
       OpenSSH  for  connection authentication.  Monkeysphere can also be used
       by a validation agent to validate TLS connections (e.g. https).


       Each host that uses the Monkeysphere to authenticate its  remote  users
       needs  some way to determine that those users are who they claim to be.
       SSH permits key-based authentication,  but  we  want  instead  to  bind
       authenticators  to  human-comprehensible  user identities.  This switch
       from raw keys to User IDs makes it possible for administrators  to  see
       intuitively who has access to an account, and it also enables end users
       to transition keys (and revoke compromised ones)  automatically  across
       all  Monkeysphere-enabled  hosts.  The User IDs and certifications that
       the Monkeysphere relies on are found in the OpenPGP Web of Trust.

       However, in order to establish this binding, each host must know  whose
       certifications to trust.  Someone whom a host trusts to  certify  User
       Identities is called an Identity Certifier.  A host must have at  least
       one  Identity  Certifier  in order to bind User IDs to keys.  Commonly,
       every ID Certifier would be trusted by the host to fully  identify  any
       User  ID,  but  more  nuanced  approaches  are  possible  as well.  For
       example, a given host could specify a dozen ID certifiers,  but  assign
       them  all  "marginal"  trust.   Then any given User ID would need to be
       certified in the OpenPGP Web of  Trust  by  at  least  three  of  those

       It  is  also  possible  to  limit  the  scope  of  trust for a given ID
       Certifier to a particular domain.  That is, a host can be configured to
       fully  (or  marginally)  trust a particular ID Certifier only when they
       certify identities  within,  say,  (based  on  the  e-mail
       address in the User ID).


       The  monkeysphere  commands  work  from  a set of user IDs to determine
       acceptable keys for ssh  and  TLS  authentication.   OpenPGP  keys  are
       considered acceptable if the following criteria are met:

              The key must have the ‘authentication’ (‘a’) usage flag set.

              The  key  itself must be valid, i.e. it must be well-formed, not
              expired, and not revoked.

              The relevant user ID  must  be  signed  by  a  trusted  identity


       The  OpenPGP  keys  for  hosts have associated ‘service names’ (OpenPGP
       user IDs) that are based on URI specifications for the  service.   Some

       ssh:   ssh://[:port]
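       The following is an added example, not code from the monkeysphere
       project, that applies the three acceptability criteria above (usage
       flag, key validity, certified user ID) and the ssh:// service-name
       convention to the machine-readable listing GnuPG prints for
       gpg --with-colons --list-keys.  Field positions follow GnuPG's DETAILS
       document; the sample listing, its key IDs and its user IDs are
       constructed placeholders, and the choice to accept only full or
       ultimate user-ID validity is an assumption of the example.

```python
"""Apply the Monkeysphere key-acceptability criteria to ``gpg --with-colons``
output.  Added example, not monkeysphere project code.

Colon-listing fields used (per GnuPG's DETAILS document, 1-based):
  1 record type, 2 validity, 5 key id, 10 user id, 12 key capabilities.
GnuPG escapes special characters in user ids as \\xNN, so a service name
such as ssh://host arrives as ssh\\x3a//host and must be unescaped.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

# Validity letters that make a key or user id unusable:
# e = expired, r = revoked, i = invalid, d = disabled.
INVALID_VALIDITY = {"e", "r", "i", "d"}
# Assumption for this example: a user id counts as certified by a trusted
# Identity Certifier only when GnuPG has computed full ('f') or ultimate
# ('u') validity for it.  Marginal certifications are tallied by GnuPG
# before this single letter is assigned.
TRUSTED_UID_VALIDITY = {"f", "u"}

# Constructed sample listing; key ids, hashes and user ids are placeholders.
SAMPLE_LISTING = r"""
pub:u:4096:1:0000000000000001:1600000000:::u:::scESC::::::23::0:
uid:u::::1600000000::HASH1::Alice Example <alice@example.org>::::::::::0:
sub:u:4096:1:0000000000000002:1600000000::::::a::::::23:
sub:u:4096:1:0000000000000003:1600000000::::::e::::::23:
pub:f:4096:1:0000000000000004:1600000000:::-:::scaESCA::::::23::0:
uid:f::::1600000000::HASH2::Bob Example <bob@example.org>::::::::::0:
uid:-::::1600000000::HASH3::Bob Example <bob@unsigned.example>::::::::::0:
pub:e:2048:1:0000000000000005:1500000000:1500000001::-:::scESC::::::23::0:
uid:e::::1500000000::HASH4::Carol Example <carol@example.org>::::::::::0:
sub:e:2048:1:0000000000000006:1500000000:1500000001:::::a::::::23:
pub:f:4096:1:0000000000000007:1600000000:::-:::caCA::::::23::0:
uid:f::::1600000000::HASH5::ssh\x3a//host.example.net::::::::::0:
"""


def _unescape(s: str) -> str:
    """Undo GnuPG's \\xNN escaping of special characters in user ids."""
    return re.sub(r"\\x([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), s)


@dataclass
class KeyRecord:
    keyid: str
    validity: str
    caps: str  # field 12 exactly as gpg prints it


@dataclass
class Key:
    primary: KeyRecord
    uids: List[Tuple[str, str]] = field(default_factory=list)  # (validity, user id)
    subkeys: List[KeyRecord] = field(default_factory=list)


def parse_colon_listing(text: str) -> List[Key]:
    """Group pub/uid/sub records into keys, in the order gpg prints them."""
    keys: List[Key] = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub") and len(f) >= 12:
            rec = KeyRecord(keyid=f[4], validity=f[1], caps=f[11])
            if f[0] == "pub":
                keys.append(Key(primary=rec))
            elif keys:
                keys[-1].subkeys.append(rec)
        elif f[0] == "uid" and len(f) >= 10 and keys:
            keys[-1].uids.append((f[1], _unescape(f[9])))
    return keys


def own_capabilities(caps: str) -> Set[str]:
    """Lowercase letters describe this key itself; uppercase letters summarise
    the whole key including its subkeys, so they must not be counted."""
    return {c for c in caps if c.islower()}


def acceptable_keys(listing: str, user_id: str) -> List[str]:
    """Key ids (primary or subkey) satisfying all three criteria for user_id."""
    accepted: List[str] = []
    for key in parse_colon_listing(listing):
        # Criterion 3: the relevant user id is certified to trusted validity.
        if not any(uid == user_id and v in TRUSTED_UID_VALIDITY for v, uid in key.uids):
            continue
        for rec in [key.primary, *key.subkeys]:
            # Criterion 2: the key itself is not expired, revoked or invalid.
            if rec.validity in INVALID_VALIDITY:
                continue
            # Criterion 1: the 'a' (authentication) usage flag is set on this key.
            if "a" not in own_capabilities(rec.caps):
                continue
            accepted.append(rec.keyid)
    return accepted


def service_name(host: str, port: Optional[int] = None) -> str:
    """OpenPGP user id for an ssh host key: ssh://host or ssh://host:port."""
    return f"ssh://{host}" if port is None else f"ssh://{host}:{port}"


def acceptable_host_keys(listing: str, host: str, port: Optional[int] = None) -> List[str]:
    """Acceptable keys for the host's ssh service name."""
    return acceptable_keys(listing, service_name(host, port))


if __name__ == "__main__":
    print(acceptable_keys(SAMPLE_LISTING, "Alice Example <alice@example.org>"))
    print(acceptable_host_keys(SAMPLE_LISTING, "host.example.net"))
```

       In the sample, Alice's only acceptable key is her authentication
       subkey (her encryption subkey lacks the ‘a’ flag), Bob's primary
       key qualifies only under the user ID that carries full validity,
       Carol's expired key is rejected outright, and the host key is found
       by matching the unescaped ssh://host.example.net user ID.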



       Written  by:  Jameson Rollins <>, Daniel Kahn
       Gillmor <>


       monkeysphere(1), monkeysphere-host(8), monkeysphere-authentication(8),
       openpgp2ssh(1), pem2openpgp(1), gpg(1), ssh(1)