KunterBuntesSeminar-WS11/Lightning Talks 2/Monkeysphere: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(init) |
Keine Bearbeitungszusammenfassung |
||
| (3 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
| Zeile 49: | Zeile 49: | ||
==== This is how we create a key: ==== | ==== This is how we create a key: ==== | ||
monkeysphere−host import−key / etc / ssh / ssh_host_r sa_key ssh : // | monkeysphere−host import−key / etc / ssh / ssh_host_r sa_key ssh : // m o m o . e x a m p l e . o r g | ||
That is what a key looks like: | That is what a key looks like: | ||
momo : / etc / ssh# monkeysphere−host show−key | |||
pub | pub | ||
2048 R / EF569B13 2012−01−22 | 2048 R / EF569B13 2012−01−22 | ||
uid | uid | ||
ssh : // | ssh : // m o m o . e x a m p l e . o r g | ||
OpenPGP fingerprint : 2 B 4 1 5 2 5 D 5 2 E 6 1 8 8 B A 8 3 6 B 2 B 7 7 D C 7 E F 2 1 E F 5 6 9 B 1 3 | OpenPGP fingerprint : 2 B 4 1 5 2 5 D 5 2 E 6 1 8 8 B A 8 3 6 B 2 B 7 7 D C 7 E F 2 1 E F 5 6 9 B 1 3 | ||
ssh fingerprint : 2048 6 7 : cf : a1 : 7 3 : 8 9 : d2 : 5 2 : a8 : 7 7 : 9 0 : 9 8 : 1 f : f6 : 6 b : f0 : dc ( RSA ) | ssh fingerprint : 2048 6 7 : cf : a1 : 7 3 : 8 9 : d2 : 5 2 : a8 : 7 7 : 9 0 : 9 8 : 1 f : f6 : 6 b : f0 : dc ( RSA ) | ||
| Zeile 66: | Zeile 66: | ||
== Referent == | == Referent == | ||
momo: Ich bin per jabber (post@bjoernb.org) oder mail (4bewersd@inf) zu erreichen, oder ab und an im c.t.. | |||
== Folien == | == Folien == | ||
Aktuelle Version vom 7. Februar 2020, 15:41 Uhr
Dies ist der 13. Termin vom KunterBuntenSeminar im WS 2011/12.
Ort: Raum C-221 am Informatikum
Datum: 26. Januar 2012
Zeit: 19:45 bis 19:52
Dieser Lightning Talk wurde in der zweiten Lightning Talk Session des KunterBuntenSeminars im Wintersemester 2011 gehalten.
Monkeysphere[Bearbeiten]
In diesem Vortrag wurde Monkeysphere vorgestellt.
Folien als Text[Bearbeiten]
What is a monkeysphere?[Bearbeiten]
- Sorry it is not about animals like you might think
- It is about us, living in a monkeysphere
- It is about identifying someone as person
- It is about your peers living in a monkeysphere
- It is about authentication, as we need it for authorization andconfidentiality
Trust relationships[Bearbeiten]
Whom should we trust?
- Should we trust some certificate authorities?
- We do not know how they certificate some service
- We even do not know them, do we?
- Why not trust the people we already know and have relationship to?
adding services to the web of trust[Bearbeiten]
What we have is the Web of trust, that reflects trust relationships transitively.
- People we know sign services like ssh, https
- We use a service:
- monkeysphere gets the keys
- monkeysphere checks trust relations
- monkeysphere grants us access to a service, if we do trust if we do not trust monkeysphere provides us with the old way
Extending the web of trust[Bearbeiten]
How does this work then?
- create pgp-key with service-protocol and fqdn as uid
- sign the pgp-key
- export the pgp-key to the web of trust
- let others sign the key
What do we get out of this?
- trusting people we know to authenticate a service to us
- getting around calling server administrators asking for fingerprints
This is how we create a key:[Bearbeiten]
monkeysphere−host import−key / etc / ssh / ssh_host_r sa_key ssh : // m o m o . e x a m p l e . o r g
That is what a key looks like:
momo : / etc / ssh# monkeysphere−host show−key pub 2048 R / EF569B13 2012−01−22 uid ssh : // m o m o . e x a m p l e . o r g OpenPGP fingerprint : 2 B 4 1 5 2 5 D 5 2 E 6 1 8 8 B A 8 3 6 B 2 B 7 7 D C 7 E F 2 1 E F 5 6 9 B 1 3 ssh fingerprint : 2048 6 7 : cf : a1 : 7 3 : 8 9 : d2 : 5 2 : a8 : 7 7 : 9 0 : 9 8 : 1 f : f6 : 6 b : f0 : dc ( RSA )
Quellen und Dokumentation[Bearbeiten]
Es ist hilfreich die Dokumentation gewissenhaft durchzulesen. Die Dokumentation findet ihr unter den Weblinks.
Referent[Bearbeiten]
momo: Ich bin per jabber (post@bjoernb.org) oder mail (4bewersd@inf) zu erreichen, oder ab und an im c.t..