author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-01-31 18:30:59 -0500 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-01-31 18:30:59 -0500 |
commit | c700e9b0dcede303ed1f160ba51f564fd314d2e3 (patch) | |
tree | 579690c1cb9e9112aa2fe4924a1c570fee357dcf /src/monkeysphere-host | |
parent | 7d4b4815db8ba2f6f984a18a90b50032cf9158ba (diff) | |
parent | 0d36aebed69b154903e158a4c0f5cc8707cf5168 (diff) |
merging from jrollins
Diffstat (limited to 'src/monkeysphere-host')
-rwxr-xr-x | src/monkeysphere-host | 39 |
1 files changed, 31 insertions, 8 deletions
diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 19ab5fc..1f68256 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -20,11 +20,6 @@ export SYSSHAREDIR SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere/host"} export SYSDATADIR -# monkeysphere temp directory, in sysdatadir to enable atomic moves of -# authorized_keys files -MSTMPDIR="${SYSDATADIR}/tmp" -export MSTMPDIR - # UTC date in ISO 8601 format if needed DATE=$(date -u '+%FT%T') @@ -53,13 +48,12 @@ subcommands: publish-key (p) publish server host key to keyserver expert - import-key (i) NAME[:PORT] import existing ssh key to gpg + import-key (i) [NAME[:PORT]] import existing ssh key to gpg --keyfile (-f) FILE key file to import --expire (-e) EXPIRE date to expire - gen-key (g) NAME[:PORT] generate gpg key for the host + gen-key (g) [NAME[:PORT]] generate gpg key for the host --length (-l) BITS key length in bits (2048) --expire (-e) EXPIRE date to expire - --revoker (-r) FINGERPRINT add a revoker diagnostics (d) monkeysphere host status version (v) show version number 
@@ -119,6 +113,35 @@ check_host_keyring() {
 || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-server gen-key' first."
 }
+# show info about the host key
+show_key() {
+ local fingerprintPGP
+ local fingerprintSSH
+ local ret=0
+
+ # FIXME: you shouldn't have to be root to see the host key fingerprint
+ if is_root ; then
+ check_host_keyring
+ fingerprintPGP=$(fingerprint_server_key)
+ gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprintPGP" 2>/dev/null
+ echo "OpenPGP fingerprint: $fingerprintPGP"
+ else
+ log info "You must be root to see host OpenPGP fingerprint."
+ ret='1'
+ fi
+
+ if [ -f "${SYSDATADIR}/ssh_host_rsa_key.pub" ] ; then
+ fingerprintSSH=$(ssh-keygen -l -f "${SYSDATADIR}/ssh_host_rsa_key.pub" | \
+ awk '{ print $1, $2, $4 }')
+ echo "ssh fingerprint: $fingerprintSSH"
+ else
+ log info "SSH host key not found."
+ ret='1'
+ fi
+
+return $ret
+}
+
 ########################################################################
 # MAIN
 ######################################################################## |
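Review bot: The ssh branch of show_key prints whatever the `ssh-keygen -l -f ... | awk` pipeline produced without checking it: the pipeline's status is awk's, so a key file that exists but cannot be parsed would give an empty `ssh fingerprint:` line while `ret` stays 0. The `gpg_authentication` call in the root branch has the same gap, since its stderr goes to /dev/null and its exit status is ignored. Because this output is what an administrator compares out-of-band to verify the host, a failed lookup should be reflected in the return value, for example `[ -n "$fingerprintSSH" ] || ret=1` before the echo and `|| ret=1` appended to the `gpg_authentication` line. As a style point, `ret='1'` should match the unquoted `ret=0`, and `return $ret` should be indented like the rest of the body.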