authorJameson Graef Rollins <jrollins@finestructure.net>2009-02-19 12:29:47 -0500
committerJameson Graef Rollins <jrollins@finestructure.net>2009-02-19 12:29:47 -0500
commitc073811aa573d0e3486c39ed9514c46e0a7a077f (patch)
treecde598b94365bbe697d85ac6ca418cb94f2b4d26
parent930822a6e672c28c06f78e9d8250cda07248f129 (diff)
modify import_key to take the key file to import as an argument. can be '-' to import from stdin. modify man page and test accordingly.
-rw-r--r--man/man8/monkeysphere-host.813
-rwxr-xr-xsrc/monkeysphere-host16
-rw-r--r--src/share/mh/import_key21
-rwxr-xr-xtests/basic2
4 files changed, 32 insertions, 20 deletions
diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8
index 6c97315..f33aea6 100644
--- a/man/man8/monkeysphere-host.8
+++ b/man/man8/monkeysphere-host.8
@@ -23,9 +23,10 @@ connection authentication.
\fBmonkeysphere-host\fP takes various subcommands:
.TP
-.B import-key [NAME[:PORT]]
-Import a pem-encoded ssh secret host key, from stdin. NAME[:PORT] is
-used to specify the hostname (and port) used in the user ID of the new
+.B import-key FILE [NAME[:PORT]]
+Import a pem-encoded ssh secret host key from file FILE. If FILE
+is '-', then the key will be imported from stdin. NAME[:PORT] is used
+to specify the hostname (and port) used in the user ID of the new
OpenPGP key. If NAME is not specified, then the system
fully-qualified domain name will be used (ie. `hostname -f'). If PORT
is not specified, the no port is added to the user ID, which means
@@ -35,11 +36,11 @@ port 22 is assumed. `i' may be used in place of `import-key'.
Output information about host's OpenPGP and SSH keys. `s' may be used
in place of `show-key'.
.TP
-.B extend-key EXPIRE
+.B extend-key [EXPIRE]
Extend the validity of the OpenPGP key for the host until EXPIRE from
the present. If EXPIRE is not specified, then the user will be
-prompted for the extension term. Expiration is specified like GnuPG
-does:
+prompted for the extension term. Expiration is specified as with
+GnuPG:
.nf
0 = key does not expire
<n> = key expires in n days
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index a67715f..9d703c2 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -54,9 +54,9 @@ usage: $PGRM <subcommand> [options] [args]
Monkeysphere host admin tool.
subcommands:
- import-key (i) [NAME[:PORT]] import existing ssh key to gpg
+ import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg
show-key (s) output all host key information
- set-expire (e) EXPIRE set host key expiration
+ set-expire (e) [EXPIRE] set host key expiration
add-hostname (n+) NAME[:PORT] add hostname user ID to host key
revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
add-revoker (o) FINGERPRINT add a revoker to the host key
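Review bot: The usage text names the expiration subcommand `set-expire (e) [EXPIRE]`, while the man page hunk in this same commit documents it as `extend-key [EXPIRE]`. Both lines are touched here, so this is the place to settle on one name, or to list the other as an alias, so that an administrator following the man page does not hit an unknown-subcommand error. Which name the `case` statement actually accepts is not visible in this hunk.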
@@ -236,6 +236,12 @@ COMMAND="$1"
shift
case $COMMAND in
+ 'import-key'|'i')
+ check_host_key
+ source "${MHSHAREDIR}/import_key"
+ import_key "$@"
+ ;;
+
'show-key'|'show'|'s')
check_host_no_key
show_key
@@ -283,12 +289,6 @@ case $COMMAND in
publish_key
;;
- 'import-key'|'i')
- check_host_key
- source "${MHSHAREDIR}/import_key"
- import_key "$@"
- ;;
-
'diagnostics'|'d')
load_fingerprint
source "${MHSHAREDIR}/diagnostics"
diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index bca7319..6394ad7 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -13,11 +13,13 @@
import_key() {
+local sshKeyFile
local hostName
local domain
local userID
-hostName="$1"
+sshKeyFile="$1"
+hostName="$2"
# use the default hostname if not specified
if [ -z "$hostName" ] ; then
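Review bot: `sshKeyFile` is taken from `$1` here but is not validated until the later hunk, after `mkdir -p "${GNUPGHOME_HOST}"` and `chmod 700` have already run, so a call with no arguments changes the filesystem before it fails. Checking directly after the assignment, `[ -n "$sshKeyFile" ] || failure "Must specify ssh key file to import, or specify '-' for stdin."`, would reject the call before any side effect. The positional change is also silent for existing callers: with the old form `import-key NAME <keyfile`, NAME is now read as FILE and the key on stdin is ignored, which deserves a note in the man page or changelog. The body of `import_key` continues outside this hunk.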
@@ -42,10 +44,19 @@ mkdir -p "${MHDATADIR}"
mkdir -p "${GNUPGHOME_HOST}"
chmod 700 "${GNUPGHOME_HOST}"
-log verbose "importing ssh key..."
-# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
- | gpg_host --import
+# import ssh key to a private key
+if [ -z "$sshKeyFile" ] ; then
+ failure "Must specify ssh key file to import, or specify '-' for stdin."
+elif [ "$sshKeyFile" = '-' ] ; then
+ log verbose "importing ssh key from stdin..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ | gpg_host --import
+else
+ log verbose "importing ssh key from file '$sshKeyFile'..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ <"$sshKeyFile" \
+ | gpg_host --import
+fi
# load the new host fpr into the fpr variable. this is so we can
# create the gpg pub key file. we have to do this from the secret key
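Review bot: In the file branch the path is opened only by the `<"$sshKeyFile"` redirect, so a missing or unreadable file leaves `gpg_host --import` reading an empty pipe, and the operator presumably sees a gpg error rather than one naming the file. An explicit guard before the pipeline, `[ -r "$sshKeyFile" ] || failure "cannot read ssh key file '$sshKeyFile'"`, makes the failure unambiguous. Nothing in the visible lines checks the pipeline's exit status either, and without `pipefail` a `pem2openpgp` failure is masked by the status of `gpg_host`. Since this imports the host's secret key, both failures should stop the function before the fingerprint-loading step that follows. The rest of `import_key` lies outside this hunk.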
diff --git a/tests/basic b/tests/basic
index dea393f..0b91531 100755
--- a/tests/basic
+++ b/tests/basic
@@ -185,7 +185,7 @@ EOF
echo "##################################################"
echo "### import host key..."
ssh-keygen -b 1024 -t rsa -N '' -f "$TEMPDIR"/ssh_host_rsa_key
-monkeysphere-host import-key testhost < "$TEMPDIR"/ssh_host_rsa_key
+monkeysphere-host import-key "$TEMPDIR"/ssh_host_rsa_key testhost
echo "##################################################"
echo "### getting host key fingerprint..."