}
# output just key fingerprint
-fingerprint_host_key() {
+# FIXME: should not have to be priviledged user to get host
+# fingerprint. should be taken from publicly accessible key files,
+# instead of the keyring.
+get_host_fingerprint() {
gpg_host --list-secret-keys --fingerprint \
--with-colons --fixed-list-mode 2> /dev/null | \
- grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null
+ grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null || true
}
# output the index of a user ID on the host key
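Review bot: The `|| true` added to the pipeline in get_host_fingerprint, together with the existing `2>/dev/null`, makes a failed `gpg_host` call look the same as a keyring that holds no secret key: both print nothing and return 0. The guards this commit corrects further down (`[ "$HOST_FINGERPRINT" ] && failure "An OpenPGP host key already exists."`) read an empty value as "no host key yet", so an unreadable keyring would presumably let key generation or import proceed instead of stopping. Assuming gpg_host passes gpg's exit status through, capture the listing first and return non-zero when the listing itself fails, as sketched below; callers that run before any keyring exists would then have to tolerate that status. `head -1` also takes whichever secret key is listed first, which deserves a comment if the keyring is expected to hold exactly one key.

```shell
get_host_fingerprint() {
    local listing
    # keep "gpg_host failed" distinct from "keyring holds no secret key"
    listing=$(gpg_host --list-secret-keys --fingerprint \
        --with-colons --fixed-list-mode 2>/dev/null) || return 1
    # no fpr record: print nothing and succeed, as before
    printf '%s\n' "$listing" | grep '^fpr:' | head -1 | cut -d: -f10 || true
}
```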
show_key() {
local fingerprintSSH
- # FIXME: should not have to be priviledged user to see this info.
- # should be taken from publicly accessible key files, instead of
- # the keyring.
-
gpg_host --fingerprint --list-key --list-options show-unusable-uids \
"0x${HOST_FINGERPRINT}!" 2>/dev/null
+ # FIXME: make sure expiration date is shown
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
log error "SSH host key not found."
fi
- # FIXME: show expiration date
# FIXME: other relevant key parameters?
}
GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
# host key fingerprint
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
# host pub key files
HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub"
local userID
# check for presense of a key
-[ "$FINGERPRINT" ] && \
+[ "$HOST_FINGERPRINT" ] && \
failure "An OpenPGP host key already exists."
# get options
EOF
# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
export HOST_FINGERPRINT
# translate the private key to ssh format, and export to a file
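Review bot: Nothing checks that the fingerprint re-read after the conversion is non-empty before `export HOST_FINGERPRINT`. Because get_host_fingerprint now ends in `|| true`, a conversion that left no key in the keyring yields an empty string here, and the steps that follow (outside this hunk) would presumably run with a key selector such as `0x!`. A guard directly after the assignment would stop that: `[ "$HOST_FINGERPRINT" ] || failure "OpenPGP host key not found after import."`. The same applies to the identical re-read after `gpg_host --import` in the later hunk.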
local userID
# check for presense of a key
-[ "$FINGERPRINT" ] && \
+[ "$HOST_FINGERPRINT" ] && \
failure "An OpenPGP host key already exists."
hostName=${1:-$(hostname -f)}
gpg_host --import
# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
export HOST_FINGERPRINT
# export public key to file