Provided by: monkeysphere_0.22-1_i386

NAME

       monkeysphere - ssh authentication framework using OpenPGP Web of Trust

DESCRIPTION

       MonkeySphere  is  a  framework to leverage the OpenPGP Web of Trust for
       ssh authentication.  OpenPGP keys are tracked via GnuPG, and  added  to
       the  authorized_keys  and  known_hosts files used by ssh for connection
       authentication.

IDENTITY CERTIFIERS

       FIXME: describe identity certifier concept

KEY ACCEPTABILITY

       During known_hosts and authorized_keys updates, the monkeysphere
       commands work from a set of user IDs to determine acceptable keys for
       ssh authentication.  OpenPGP keys are considered acceptable if the
       following criteria are met:

       capability
              The key must have the "authentication" ("a") usage flag set.

       validity
              The  key  itself must be valid, i.e. it must be well-formed, not
              expired, and not revoked.

       certification
              The relevant user ID  must  be  signed  by  a  trusted  identity
              certifier.

HOST IDENTIFICATION

       The  OpenPGP  keys  for hosts have associated user IDs that use the ssh
       URI specification for the host, i.e. "ssh://host.full.domain[:port]".
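
       The acceptability criteria above, applied to a host user ID in the
       ssh:// form, as an added example (not Monkeysphere's own code).  It
       assumes GnuPG's --with-colons listing layout and treats a calculated
       user ID validity of full or ultimate as standing for certification by
       a trusted identity certifier; key IDs and host name are constructed.

```python
import re

# Constructed records in `gpg --list-keys --with-colons` layout (not real keys).
SAMPLE = r"""
pub:f:2048:1:AAAAAAAAAAAAAAAA:1230768000:::-:::scESCA:
uid:f::::1230768000::0000000000000000000000000000000000000000::ssh\x3a//host.example.org:
sub:f:2048:1:BBBBBBBBBBBBBBBB:1230768000::::::e:
sub:f:2048:1:CCCCCCCCCCCCCCCC:1230768000::::::a:
sub:e:2048:1:DDDDDDDDDDDDDDDD:1230768000:1262304000:::::a:
pub:-:2048:1:EEEEEEEEEEEEEEEE:1230768000:::-:::scaESCA:
uid:-::::1230768000::1111111111111111111111111111111111111111::ssh\x3a//host.example.org:
"""

BAD_KEY = set("idren")  # invalid, disabled, revoked, expired, not valid
CERTIFIED = set("fu")   # assumption: full/ultimate uid validity = trusted certification


def unescape(field):
    """Undo the C-style quoting gpg applies to user IDs (':' is emitted as \\x3a)."""
    return re.sub(r"\\x([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), field)


def acceptable_keys(colons, user_id):
    """Return IDs of keys/subkeys meeting all three criteria for user_id."""
    blocks = []
    for line in colons.splitlines():
        f = line.split(":") + [""] * 12  # pad so short records index safely
        if f[0] == "pub":  # a new primary key starts a new block
            blocks.append({"ok": f[1] not in BAD_KEY, "certified": False, "keys": []})
        if not blocks:
            continue
        cur = blocks[-1]
        # certification: the relevant user ID carries full or ultimate validity
        if f[0] == "uid" and unescape(f[9]) == user_id and f[1] in CERTIFIED:
            cur["certified"] = True
        # validity + capability: usable key with its own "a" usage flag (field 12)
        elif f[0] in ("pub", "sub") and f[1] not in BAD_KEY and "a" in f[11]:
            cur["keys"].append(f[4])
    return [k for b in blocks if b["ok"] and b["certified"] for k in b["keys"]]


if __name__ == "__main__":
    print(acceptable_keys(SAMPLE, "ssh://host.example.org"))
```

       Only the valid authentication-capable subkey under the certified user
       ID is returned; the second key carries the same user ID and the "a"
       flag but is excluded because that user ID has no trusted certification.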

AUTHOR

       Written by Jameson Rollins  <jrollins@fifthhorseman.net>,  Daniel  Kahn
       Gillmor <dkg@fifthhorseman.net>

SEE ALSO

       monkeysphere(1), monkeysphere-server(8),
       monkeysphere-ssh-proxycommand(1), gpg(1), ssh(1),
       http://tools.ietf.org/html/rfc4880,
       http://tools.ietf.org/wg/secsh/draft-ietf-secsh-scp-sftp-ssh-uri/