authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2008-08-07 00:22:18 -0400
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2008-08-07 00:22:18 -0400
commitfc970021e82d737bddfe235bfff981db92ea1afe (patch)
tree7c905117a7be0a6fed6ef2ac65bcfac0797d25c8 /src
parent0a38730c4bc95c7e9152ffd22459e9acc2bd0f45 (diff)
preparing better diagnostic messages for hosts that still have old HostKeys left.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/monkeysphere-server6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 63c3668..a0b7067 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -390,6 +390,7 @@ diagnostics() {
local expire
local uid
local fingerprint
+ local badhostkeys
seckey=$(gpg_host --list-secret-keys --fingerprint --with-colons --fixed-list-mode)
keysfound=$(echo "$seckey" | grep -c ^sec:)
@@ -471,6 +472,11 @@ diagnostics() {
echo "! /etc/ssh/sshd_config does not point to the monkeysphere host key (${VARLIB}/ssh_host_rsa_key)."
echo " - Recommendation: add a line to /etc/ssh/sshd_config: 'HostKey ${VARLIB}/ssh_host_rsa_key'"
fi
+ if badhostkeys=$(grep '^HostKey' | grep -q -v "^HostKey ${VARLIB}/ssh_host_rsa_key$") ; then
+ echo "! /etc/sshd_config refers to some non-monkeysphere host keys:"
+ echo "$badhostkeys"
+ echo "- Recommendation: remove the above HostKey lines from /etc/ssh/sshd_config"
+ fi
fi
fi
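Review bot: The added check `if badhostkeys=$(grep '^HostKey' | grep -q -v ...)` cannot name the leftover keys: the first `grep` has no file argument, so it reads standard input rather than sshd_config, and `-q` suppresses all output, so `badhostkeys` is always empty and `echo "$badhostkeys"` prints a blank line. I would change the line to `if badhostkeys=$(grep '^HostKey' /etc/ssh/sshd_config | grep -v "^HostKey ${VARLIB}/ssh_host_rsa_key$") ; then` and correct the path in the first message to `/etc/ssh/sshd_config`, matching the neighbouring lines. The pattern also assumes the exact spelling `HostKey` followed by a single space; sshd_config keywords are case-insensitive and may be followed by other whitespace, so a stale key written as `hostkey` or with a tab would probably go unreported, which deserves a looser match or at least a comment. The body of diagnostics() starts and ends outside this hunk.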