Rechercher une page de manuel
msva-perl
Langue: en
Version: 2010-06-16 (ubuntu - 24/10/10)
Section: 1 (Commandes utilisateur)
Sommaire
NAME
msva-perl - Perl implementation of a Monkeysphere Validation AgentSYNOPSIS
msva-perl [ COMMAND [ ARGS ... ] ]
ABSTRACT
msva-perl provides a Perl implementation of the Monkeysphere Validation Agent, a certificate validation service.INTRODUCTION
The Monkeysphere Validation Agent offers a local service for tools to validate certificates (both X.509 and OpenPGP) and other public keys.Clients of the validation agent query it with a public key carrier (a raw public key, or some flavor of certificate), the supposed name of the remote peer offering the pubkey, and the context in which the validation check is relevant (e.g. ssh, https, etc).
The validation agent then tells the client whether it was able to successfully validate the peer's use of the public key in the given context.
msva-perl relies on monkeysphere(1), which uses the user's OpenPGP web of trust to validate the peer's use of public keys.
USAGE
Launched with no arguments, msva-perl simply runs and listens forever.Launched with arguments, it sets up a listener, spawns a subprocess using the supplied command and arguments, but with the MONKEYSPHERE_VALIDATION_AGENT_SOCKET environment variable set to refer to its listener. When the subprocess terminates, msva-perl tears down the listener and exits as well, returning the same value as the subprocess.
This is a similar invocation pattern to that of ssh-agent(1).
ENVIRONMENT VARIABLES
msva-perl is configured by means of environment variables.- MSVA_LOG_LEVEL
- msva-perl logs messages about its operation to stderr. MSVA_LOG_LEVEL controls its verbosity, and should be one of (in increasing verbosity): silent, quiet, fatal, error, info, verbose, debug, debug1, debug2, debug3. Default is 'error'.
- MSVA_ALLOWED_USERS
- If your system is capable of it, msva-perl tries to figure out the owner of the connecting client. If MSVA_ALLOWED_USERS is unset, msva-perl will only permit connections from the user msva is running as. If you set MSVA_ALLOWED_USERS, msva-perl will treat it as a list of local users (by name or user ID) who are allowed to connect.
- MSVA_PORT
- msva-perl listens on a local TCP socket to facilitate access. You can choose what port to bind to by setting MSVA_PORT. Default is to bind on an arbitrary open port.
COMMUNICATION PROTOCOL DETAILS
Communications with the Monkeysphere Validation Agent are in the form of JSON requests over plain HTTP. Responses from the agent are also JSON objects. For details on the structure of the requests and responses, please see http://web.monkeysphere.info/validation-agent/protocolSECURITY CONSIDERATIONS
msva-perl deliberately binds to the loopback adapter (via named lookup of ``localhost'') so that remote users do not get access to the daemon. On systems (like Linux) which report ownership of TCP sockets in /proc/net/tcp, msva-perl will refuse access from random users (see MSVA_ALLOWED_USERS above).SEE ALSO
monkeysphere(1), monkeysphere(7), ssh-agent(1)BUGS AND FEEDBACK
Bugs or feature requests for msva-perl should be filed with the Monkeysphere project's bug tracker at https://labs.riseup.net/code/projects/monkeysphere/issues/AUTHORS AND CONTRIBUTORS
Daniel Kahn Gillmor <dkg@fifthhorseman.net<gt>The Monkeysphere Team http://web.monkeysphere.info/
COPYRIGHT AND LICENSE
Copyright AX Daniel Kahn Gillmor and others from the Monkeysphere team. msva-perl is free software, distributed under the GNU Public License, version 3 or later.Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre