[arch-dev-public] Remote PGP signing service (proof of concept)

Dan McGee dpmcgee at gmail.com
Tue Jan 3 13:16:36 EST 2012


On Sat, Dec 31, 2011 at 7:08 AM, Thomas Bächler <thomas at archlinux.org> wrote:
> On 30.12.2011 20:38, Rémy Oudompheng wrote:
>> I just wrote a small proof of concept for remote PGP signing.
>> It is written in Go (using the weekly snapshot, not the
>> r60 release), and is hosted at:
>>    https://github.com/remyoudompheng/remotepgp
>>
>> Usage is quite simple:
>> - compile everything
>> - run the server on the appropriate machine, for example
>>      ./server -addr localhost:10022
>>   (by default it binds on localhost)
>> - choose a remote file name
>> - run the client:
>>      ./client -server http://localhost:10022/hash  /home/remy/packages/blah
>>
>> It does the following:
>> - looks for the secret keyring in $HOME/.gnupg/secring.gpg
>> - chooses the first secret key and asks for the passphrase if needed
>> - sends a little chunk of bytes to the server
>> - the server hashes the concatenation of the file and the little chunk
>>   and returns the hash
>> - the client finishes the signature process and writes blah.sig in the
>>   current directory.
>
> I didn't try this yet, but here is an important comment: When using IP
> networking for the connection, everyone on the server could access the
> service. Instead, you could run a service over ssh (like sftp-server),
> and open a UNIX socket with that service. Then, you can control who has
> access (only the user that runs the service).
>
> Apart from that, I like it :)

This is really cool. I'll definitely be taking a closer look at this
when I have time.

It does seem a bit ridiculous there are no simple signature-only
programs out there. This is the closest thing I found:
http://www.cypherspace.org/openpgp/pgpdsa/

I agree with Thomas on perhaps thinking about a socket-based protocol
for security purposes; the same binary could even be used client and
server side; something like
    $ remotesign dmcgee@hostname:/path/to/my/file
would interpret the URL à la scp, and call something like
    $ remotesign --genhash /path/to/my/file
on the remote host, taking on stdin the suffix bytes or whatever magic
it is that is needed to be incorporated to the hash, and writing the
result back on stdout.

Of course this is me spitting ideas; you actually put up the code so
you're about 100x more awesome right now.

-Dan
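
The split discussed in this thread (the remote side hashes the file plus a short client-supplied suffix, and the client signs the returned digest) can be sketched as follows. This is an added example, not code from remotepgp or from anyone in the thread; `SigSuffix`, `GenHash` and `maxSuffix` are hypothetical names, and SHA-256, RSA and a single creation-time subpacket are assumptions.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"time"
)

const maxSuffix = 1 << 10 // a real suffix is tens of bytes; refuse more (assumed limit)

// SigSuffix returns what an OpenPGP v4 signature appends to the data before
// hashing (RFC 4880, 5.2.4): hashed signature fields, then a 6-byte trailer.
func SigSuffix(created time.Time) []byte {
	sub := []byte{5, 2, 0, 0, 0, 0} // subpacket: len 5, type 2 = creation time
	binary.BigEndian.PutUint32(sub[2:], uint32(created.Unix()))
	// version 4, sig type 0x00 (binary), pubkey algo 1 (RSA), hash algo 8 (SHA-256)
	hashed := append([]byte{4, 0x00, 1, 8, 0, byte(len(sub))}, sub...)
	trailer := []byte{4, 0xff, 0, 0, 0, 0}
	binary.BigEndian.PutUint32(trailer[2:], uint32(len(hashed)))
	return append(hashed, trailer...)
}

// GenHash is the remote side: SHA-256 over the file followed by the suffix.
func GenHash(file, suffix io.Reader) (string, error) {
	h := sha256.New()
	if _, err := io.Copy(h, file); err != nil {
		return "", err
	}
	s, err := io.ReadAll(io.LimitReader(suffix, maxSuffix+1))
	if err != nil {
		return "", err
	}
	if len(s) > maxSuffix {
		return "", errors.New("suffix too large")
	}
	h.Write(s)
	return hex.EncodeToString(h.Sum(nil)), nil
}

func main() {
	file := bytes.NewReader([]byte("constructed package contents\n")) // constructed sample input
	sum, err := GenHash(file, bytes.NewReader(SigSuffix(time.Unix(1325614596, 0))))
	fmt.Println(sum, err) // the client would sign this digest with its local key
}
```

The client signs whatever digest comes back, so the channel to the hashing side has to be authenticated and access-controlled, which is what the ssh and UNIX-socket suggestions in the thread provide.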

