From 6fb350a883fa4d8b1bc9b5e01cc3b01c96354d08 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Fri, 15 Aug 2008 00:49:49 -0700 Subject: [PATCH] enabled host key publication. be aware. --- debian/changelog | 3 ++- src/monkeysphere-server | 11 +++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/debian/changelog b/debian/changelog index 0d6155e..160d1d6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,8 +11,9 @@ monkeysphere (0.8-1) UNRELEASED; urgency=low * sort processed keys so that "good" keys are processed after "bad" keys. This will prevent malicious bad keys from causing good keys to be removed from key files. + * enabled host key publication. - -- Jameson Graef Rollins Thu, 14 Aug 2008 21:12:43 -0700 + -- Jameson Graef Rollins Fri, 15 Aug 2008 00:48:22 -0700 monkeysphere (0.7-1) experimental; urgency=low diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 598c3f7..3259e33 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -414,20 +414,19 @@ revoke_hostname() { # publish server key to keyserver publish_server_key() { - read -p "Really publish key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} + read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N} if [ ${OK/y/Y} != 'Y' ] ; then failure "aborting." fi + # find the key fingerprint + fingerprint=$(fingerprint_server_key) + # publish host key # FIXME: need to figure out better way to identify host key # dummy command so as not to publish fakes keys during testing # eventually: - #gpg_authentication "--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)" - echo "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development)." - echo "The following command should publish the key:" - echo "monkeysphere-server gpg-authentication-cmd '--keyserver $KEYSERVER --send-keys =ssh://$(hostname -f)'" - exit 255 + gpg_authentication "--keyserver $KEYSERVER --send-keys $fingerprint" } diagnostics() { -- 2.26.2