* sort processed keys so that "good" keys are processed after "bad"
keys. This will prevent malicious bad keys from causing good keys to
be removed from key files.
+ * enabled host key publication.
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Thu, 14 Aug 2008 21:12:43 -0700
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Fri, 15 Aug 2008 00:48:22 -0700
monkeysphere (0.7-1) experimental; urgency=low
# publish server key to keyserver
publish_server_key() {
- read -p "Really publish key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
+ read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
if [ ${OK/y/Y} != 'Y' ] ; then
failure "aborting."
fi
+ # find the key fingerprint
+ fingerprint=$(fingerprint_server_key)
+
# publish host key
# FIXME: need to figure out better way to identify host key
# dummy command so as not to publish fakes keys during testing
# eventually:
- #gpg_authentication "--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)"
- echo "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development)."
- echo "The following command should publish the key:"
- echo "monkeysphere-server gpg-authentication-cmd '--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)'"
- exit 255
+ gpg_authentication "--keyserver $KEYSERVER --send-keys $fingerprint"
}
diagnostics() {