diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2008-06-22 00:22:42 -0400 |
|---|---|---|
| committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2008-06-22 00:22:42 -0400 |
| commit | c911568316173454e5286c7253dc88f3fb5679e5 (patch) | |
| tree | 20998eadafce074aa46d78ef27e3134be7c0e534 /src/common | |
| parent | 4ae6630069f48d714115c18d6f9e1433f90673b6 (diff) | |
| parent | d263f30d4fe03d1976ecd899ba2482cb870c2a4d (diff) | |
Merge commit 'jrollins/master'
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common | 28 |
1 files changed, 19 insertions, 9 deletions
@@ -103,8 +103,9 @@ translate_ssh_variables() { # get the user's home directory userHome=$(getent passwd "$uname" | cut -d: -f6) - # translate ssh-style path variables + # translate '%u' to user name path=${path/\%u/"$uname"} + # translate '%h' to user home directory path=${path/\%h/"$userHome"} echo "$path" @@ -123,6 +124,17 @@ gpg2ssh() { gpg --export "$keyID" | openpgp2ssh "$keyID" 2> /dev/null } +# output the ssh key for a given secret key ID +gpgsecret2ssh() { + local keyID + + #keyID="$1" #TMP + # only use last 16 characters until openpgp2ssh can take all 40 #TMP + keyID=$(echo "$1" | cut -c 25-) #TMP + + gpg --export-secret-key "$keyID" | openpgp2ssh "$keyID" 2> /dev/null +} + # output known_hosts line from ssh key ssh2known_hosts() { local host @@ -206,8 +218,8 @@ get_key_fingerprint() { keyID="$1" gpg --list-key --with-colons --fixed-list-mode \ - --with-fingerprint "$keyID" | grep "$keyID" | \ - grep '^fpr:' | cut -d: -f10 + --with-fingerprint --with-fingerprint "$keyID" | \ + grep '^fpr:' | grep "$keyID" | cut -d: -f10 } ######################################################################## @@ -522,8 +534,7 @@ process_authorized_keys() { trust_key() { # get the key from the key server if ! gpg --keyserver "$KEYSERVER" --recv-key "$keyID" ; then - log "could not retrieve key '$keyID'" - return 1 + failure "Could not retrieve key '$keyID'." fi # get key fingerprint @@ -537,9 +548,9 @@ trust_key() { # import "full" trust for fingerprint into gpg echo ${fingerprint}:5: | gpg --import-ownertrust if [ $? = 0 ] ; then - log "owner trust updated." + log "Owner trust updated." else - failure "there was a problem changing owner trust." + failure "There was a problem changing owner trust." fi } @@ -555,7 +566,6 @@ publish_server_key() { # dummy command so as not to publish fakes keys during testing # eventually: #gpg --keyserver "$KEYSERVER" --send-keys $(hostname -f) - echo "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development). + failure "NOT PUBLISHED (to avoid permanent publication errors during monkeysphere development). To publish manually, do: gpg --keyserver $KEYSERVER --send-keys $(hostname -f)" - return 1 } |