monkeysphere-host revoke-key should now be capable of publishing the

revocation certificate to the keyservers directly, should the admin
want that.

It can also run without prompting, if MONKEYSPHERE_PROMPT=false.  In
the no-prompts case, it never publishes to the keyserver, it indicates
that the key was compromised, and it writes a boilerplate description
to make it easy to identify this kind of certificate.

1 files changed, 6 insertions, 5 deletions

diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index 4c7df88..efa48cd 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -56,12 +56,13 @@ Monkeysphere host admin tool.
 subcommands:
  import-key (i) FILE [NAME[:PORT]]   import existing ssh key to gpg
  show-key (s)                        output all host key information
+ publish-key (p)                     publish host key to keyserver
  set-expire (e) [EXPIRE]             set host key expiration
  add-hostname (n+) NAME[:PORT]       add hostname user ID to host key
  revoke-hostname (n-) NAME[:PORT]    revoke hostname user ID
- add-revoker (o) [KEYID|FILE]        add a revoker to the host key
- revoke-key (r)                      revoke host key
- publish-key (p)                     publish host key to keyserver
+ add-revoker (r+) [KEYID|FILE]        add a revoker to the host key
+ revoke-key                          generate and/or publish revocation
+                                     certificate for host key
 
  version (v)                         show version number
  help (h,?)                          this help
@@ -268,14 +269,14 @@ case $COMMAND in
 	revoke_hostname "$@"
 	;;
 
-    'add-revoker'|'o')
+    'add-revoker'|'r+')
 	check_host_no_key
 	load_fingerprint
 	source "${MHSHAREDIR}/add_revoker"
 	add_revoker "$@"
 	;;
 
-    'revoke-key'|'r')
+    'revoke-key')
 	check_host_no_key
 	load_fingerprint
 	source "${MHSHAREDIR}/revoke_key"