diff options
author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-20 12:27:01 -0500 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-20 12:27:01 -0500 |
commit | 10888c602170f6157ff43a81bad920babdd6a59e (patch) | |
tree | d54791d162953d2761b71e1ff3ef448a6c8de315 /src/monkeysphere-host | |
parent | 9b47ae89c3840eb2af9a57a885e19ccbe36957d5 (diff) |
monkeysphere-host revoke-key should now be capable of publishing the
revocation certificate to the keyservers directly, should the admin
want that.
It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In
the no-prompts case, it never publishes to the keyserver, it indicates
that the key was compromised, and it writes a boilerplate description
to make it easy to identify this kind of certificate.
Diffstat (limited to 'src/monkeysphere-host')
-rwxr-xr-x | src/monkeysphere-host | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 4c7df88..efa48cd 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -56,12 +56,13 @@ Monkeysphere host admin tool. subcommands: import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg show-key (s) output all host key information + publish-key (p) publish host key to keyserver set-expire (e) [EXPIRE] set host key expiration add-hostname (n+) NAME[:PORT] add hostname user ID to host key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID - add-revoker (o) [KEYID|FILE] add a revoker to the host key - revoke-key (r) revoke host key - publish-key (p) publish host key to keyserver + add-revoker (r+) [KEYID|FILE] add a revoker to the host key + revoke-key generate and/or publish revocation + certificate for host key version (v) show version number help (h,?) this help @@ -268,14 +269,14 @@ case $COMMAND in revoke_hostname "$@" ;; - 'add-revoker'|'o') + 'add-revoker'|'r+') check_host_no_key load_fingerprint source "${MHSHAREDIR}/add_revoker" add_revoker "$@" ;; - 'revoke-key'|'r') + 'revoke-key') check_host_no_key load_fingerprint source "${MHSHAREDIR}/revoke_key" |