added monkeysphere-server show-fingerprint

2 files changed, 18 insertions, 2 deletions

diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8
index edb493f..28149fb 100644
--- a/man/man8/monkeysphere-server.8
+++ b/man/man8/monkeysphere-server.8
@@ -34,9 +34,13 @@ may be used in place of `update-known_hosts'.
 Generate a gpg key for the host.  `g' may be used in place of
 `gen-key'.
 .TP
+.B show-fingerprint
+Show the fingerprint for the host's OpenPGP key.  `f' may be used in place of
+`show-fingerprint'.
+.TP
 .B publish-key
 Publish the host's gpg key to the keyserver.  `p' may be used in place
-of `publish-key'
+of `publish-key'.
 .TP
 .B trust-keys KEYID...
 Mark key specified with key IDs with full owner trust.  `t' may be used
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 06c9c7f..ce5aa9c 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -76,6 +76,9 @@ EOF
 )
 
     # add the revoker field if requested
+# FIXME: the 1: below assumes that $REVOKER's key is an RSA key.  why?
+# FIXME: why is this marked "sensitive"?  how will this signature ever
+# be transmitted to the expected revoker?
     if [ "$REVOKER" ] ; then
 	keyParameters="${keyParameters}"$(cat <<EOF
 
@@ -106,7 +109,12 @@ EOF
 
     log -n "generating server key... "
     echo "$keyParameters" | gpg --batch --gen-key
-    loge "done."
+    log "done."
+    fingerprint_server_key
+}
+
+fingerprint_server_key() {
+    gpg --fingerprint --list-secret-keys =ssh://$(hostname --fqdn)
 }
 
 ########################################################################
@@ -195,6 +203,10 @@ case $COMMAND in
 	gen_key "$1"
 	;;
 
+    'show-fingerprint'|'f')
+	fingerprint_server_key
+	;;
+
     'publish-key'|'p')
 	publish_server_key
 	;;