SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere/host"}
export SYSDATADIR
-# monkeysphere temp directory, in sysdatadir to enable atomic moves of
-# authorized_keys files
-MSTMPDIR="${SYSDATADIR}/tmp"
-export MSTMPDIR
-
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
publish-key (p) publish server host key to keyserver
expert
- import-key (i) import existing ssh key to gpg
- --hostname (-h) NAME[:PORT] hostname for key user ID
+ import-key (i) [NAME[:PORT]] import existing ssh key to gpg
--keyfile (-f) FILE key file to import
--expire (-e) EXPIRE date to expire
- gen-key (g) generate gpg key for the host
- --hostname (-h) NAME[:PORT] hostname for key user ID
+ gen-key (g) [NAME[:PORT]] generate gpg key for the host
--length (-l) BITS key length in bits (2048)
--expire (-e) EXPIRE date to expire
- --revoker (-r) FINGERPRINT add a revoker
diagnostics (d) monkeysphere host status
version (v) show version number
local keyLength="2048"
local keyUsage="auth"
local keyExpire
-local revoker
local hostName=$(hostname -f)
local userID
local keyParameters
keyExpire="$2"
shift 2
;;
- -r|--revoker)
- revoker="$2"
- shift 2
- ;;
*)
if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
failure "Unknown option '$1'.
Name-Real: $userID
Expire-Date: $keyExpire"
-# add the revoker field if specified
-# FIXME: the "1:" below assumes that $REVOKER's key is an RSA key.
-# FIXME: key is marked "sensitive"? is this appropriate?
-if [ "$revoker" ] ; then
- keyParameters=\
-"${keyParameters}
-Revoker: 1:${revoker} sensitive"
-fi
-
echo "The following key parameters will be used for the host private key:"
echo "$keyParameters"