Project

General

Profile

Feature #6515

Feature #6338: User-friendly keysigning that verifies that key belongs to the recipient

Install monkeyscan dependencies

Added by intrigeri over 5 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
12/18/2013
Due date:
% Done:

100%

Feature Branch:
feature/monkeysign
Type of work:
Code
Blueprint:
Starter:
No
Affected tool:

Description

... for QRcode-based keysigning.

error - complete terminal log (2.59 KB) hyas, 06/22/2014 04:06 PM

History

#1 Updated by intrigeri over 5 years ago

  • Target version deleted (Tails_0.23)

#2 Updated by intrigeri over 5 years ago

  • % Done changed from 0 to 10

Done in the branch, but on the spare laptop I have at hand, the camera is not activated by monkeyscan, while it works fine with Cheese.

#3 Updated by intrigeri about 5 years ago

  • Status changed from Confirmed to In Progress

#4 Updated by intrigeri about 5 years ago

Sent a call for testing to tails-testers@ and tails-dev@.

#5 Updated by hyas about 5 years ago

I used that ISO to test: tails-i386-experimental-1.1-20140620T0733Z-db41449.iso

I generated a new PGP key, then I made a QR code with your fingerprint.

My cam worked well on the first start of monkeyscan and I could scan the QR with your fingerprint.

However, I had an error when I had to sign your key. I clicked of the first message to sign your keys but when I clicked on the second message to confirm. Got that error (more attached in the file below):

File "/usr/lib/python2.7/dist-packages/monkeysign/gpg.py", line 504, in sign_key
    raise GpgRuntimeError(self.context.returncode, _('unable to open key for editing: %s') % self.context.stderr.decode('utf-8'))

Hope I got the correct idea about the purpose of this software.

Cheers!

#6 Updated by intrigeri about 5 years ago

Thanks a lot for trying this out!

However, I had an error when I had to sign your key. I clicked of the first message
to sign your keys but when I clicked on the second message to confirm. Got that error
(more attached in the file below):

It seems that monkeysign failed to pick a private key to sign with.
It might be that one needs to either set default-key in gpg.conf,
or use monkeyscan's --user option. May you please try that?

If it works, then "great", it means that monkeyscan does work, but one
should report a bug against the package (if not existing yet) for its
poor communication of this failure mode to the user.

If it doesn't work either, please try monkeysign, so that we know if
the culprit lies in monkeyscan itself, or somewhere lower in
the stack.

#7 Updated by hyas about 5 years ago

Actually, I tried to sign one of your expired key! I think this explain the error above.

Now, I can type in my passphrase but the issue might be that monkeyscan cannot send email:

amnesia@amnesia:~$ monkeyscan
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/monkeysign/gtkui.py", line 384, in watch_out_callback
    self.msui.export_key()
  File "/usr/lib/python2.7/dist-packages/monkeysign/ui.py", line 326, in export_key
    self.sendmail(msg)
  File "/usr/lib/python2.7/dist-packages/monkeysign/ui.py", line 358, in sendmail
    p = subprocess.Popen(['/usr/sbin/sendmail', '-t'], stdin=subprocess.PIPE)
  File "/usr/lib/python2.7/subprocess.py", line 679, in __init__
    errread, errwrite)
  File "/usr/lib/python2.7/subprocess.py", line 1259, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory

#8 Updated by intrigeri about 5 years ago

Actually, I tried to sign one of your expired key!

https://bugs.debian.org/723763

Now, I can type in my passphrase but the issue might be that monkeyscan cannot send email:

Yes, that's one of the next blockers for nicely integrating
monkeyscan/monkeysign into Tails: https://bugs.debian.org/732411

But the point of this ticket is only to validate the camera/qrcode thing.

So, may you please retry with the --no-mail option?

#9 Updated by hyas about 5 years ago

It worked well with a second camera and the following option:
monkeyscan --no-mail
After signing the key, I had a big pop-up taking more than the whole screen and I could copy/paste the signature to a text file.

#10 Updated by intrigeri about 5 years ago

It worked well with a second camera and the following option:
monkeyscan --no-mail
After signing the key, I had a big pop-up taking more than the whole screen and
I could copy/paste the signature to a text file.

Thanks for testing! I'm now going to request a review'n'merge for Tails 1.2.

#11 Updated by intrigeri about 5 years ago

  • Assignee changed from intrigeri to anonym
  • Target version set to Tails_1.2
  • % Done changed from 10 to 50
  • QA Check set to Ready for QA

#12 Updated by intrigeri about 5 years ago

  • Assignee deleted (anonym)

#13 Updated by anonym almost 5 years ago

  • Status changed from In Progress to Fix committed
  • % Done changed from 50 to 100
  • QA Check changed from Ready for QA to Pass

#14 Updated by anonym almost 5 years ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF