Diffstat (limited to 'src/share/mh')
-rw-r--r--src/share/mh/add_hostname14
-rw-r--r--src/share/mh/add_revoker12
-rw-r--r--src/share/mh/publish_key29
-rw-r--r--src/share/mh/revoke_hostname14
-rw-r--r--src/share/mh/set_expire9
5 files changed, 60 insertions, 18 deletions
diff --git a/src/share/mh/add_hostname b/src/share/mh/add_hostname
index 910faf6..70bbec3 100644
--- a/src/share/mh/add_hostname
+++ b/src/share/mh/add_hostname
@@ -31,11 +31,15 @@ userID="ssh://${1}"
find_host_userid > /dev/null && \
failure "Host userID '$userID' already exists."
-echo "The following user ID will be added to the host key:"
-echo " $userID"
-read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "User ID not added."
+if [ "$PROMPT" = "true" ] ; then
+ echo "The following user ID will be added to the host key:"
+ echo " $userID"
+ read -p "Are you sure you would like to add this user ID? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "User ID not added."
+ fi
+else
+ log debug "adding user ID without prompting."
fi
# edit-key script command to add user ID
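Review bot: The confirmation test `[ ${OK/y/Y} != 'Y' ]` is unquoted, so the prompt fails open on some answers. A reply containing whitespace or a glob character makes `[` exit with a usage error (status 2), the `if` treats that as false, `failure` is skipped, and the user ID is added as if the operator had confirmed. Quote the expansion as add_revoker and set_expire already do: `if [ "${OK/y/Y}" != 'Y' ] ; then`. The same unquoted test is carried into the new code in publish_key and revoke_hostname. Using `read -r -p` would also stop backslashes in the reply from being interpreted.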
diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker
index 1464ae8..b4113df 100644
--- a/src/share/mh/add_revoker
+++ b/src/share/mh/add_revoker
@@ -77,10 +77,14 @@ fi
log info "key found:"
gpg_host --fingerprint "0x${fingerprint}!"
-echo "Are you sure you want to add the above key as a"
-read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N}
-if [ "${OK/y/Y}" != 'Y' ] ; then
- failure "Revoker not added."
+if [ "$PROMPT" = "true" ] ; then
+ echo "Are you sure you want to add the above key as a"
+ read -p "revoker of the host key? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "revoker not added."
+ fi
+else
+ log debug "adding revoker without prompting."
fi
# edit-key script to add revoker
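Review bot: The guard `[ "$PROMPT" = "true" ]` treats every value other than the exact string `true` as "do not prompt", including unset, empty, or a typo such as `True`. Where PROMPT gets its default is not visible in this diff; if any caller reaches this code without it set, a revoker is added to the host key with no operator check of the fingerprint printed just above. Failing closed would be safer, e.g. `if [ "${PROMPT:-true}" != "false" ] ; then`, and the same pattern appears in add_hostname, publish_key, revoke_hostname and set_expire. The skipped confirmation is also only recorded at `log debug`; for a key-trust change `log info` would leave a trace at the default verbosity.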
diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key
index 600dfcf..b433ad7 100644
--- a/src/share/mh/publish_key
+++ b/src/share/mh/publish_key
@@ -15,12 +15,33 @@
publish_key() {
-read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "key not published."
+local GNUPGHOME
+
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "key not published."
+ fi
+else
+ log debug "publishing key without prompting."
fi
+# create a temporary gnupg directory from which to publish the key
+export GNUPGHOME=$(mktemp -d)
+
+# trap to remove tmp dir if break
+trap "rm -rf $GNUPGHOME" EXIT
+
+# import the host key into the tmp dir
+su_monkeysphere_user \
+ "gpg --quiet --import" <"$HOST_KEY_FILE"
+
# publish host key
-gpg_sphere "--keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+su_monkeysphere_user \
+ "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+
+# remove the tmp file
+trap - EXIT
+rm -rf "$GNUPGHOME"
}
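Review bot: `export GNUPGHOME=$(mktemp -d)` hides a mktemp failure, because the exit status of `export` replaces that of the substitution. GNUPGHOME would then be empty, and the import and `--send-keys` would presumably run against whatever default keyring `su_monkeysphere_user` resolves to rather than an isolated directory. Split and check it: `GNUPGHOME=$(mktemp -d) || failure "unable to create temporary directory."` followed by `export GNUPGHOME`. The trap body `"rm -rf $GNUPGHOME"` also leaves the path unquoted when it runs, so a TMPDIR containing spaces would make it remove the wrong paths; `trap "rm -rf -- '$GNUPGHOME'" EXIT` avoids that. The result of the `gpg --quiet --import` step is not checked before publishing, and `trap - EXIT` clears any EXIT trap a caller had installed. Whether the directory created here is writable by the user that `su_monkeysphere_user` switches to cannot be confirmed from this hunk.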
diff --git a/src/share/mh/revoke_hostname b/src/share/mh/revoke_hostname
index 99ba603..77f1f0d 100644
--- a/src/share/mh/revoke_hostname
+++ b/src/share/mh/revoke_hostname
@@ -42,11 +42,15 @@ userID="ssh://${1}"
uidIndex=$(find_host_userid) || \
failure "No non-revoked user ID found matching '$userID'."
-echo "The following host key user ID will be revoked:"
-echo " $userID"
-read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "User ID not revoked."
+if [ "$PROMPT" = "true" ] ; then
+ echo "The following host key user ID will be revoked:"
+ echo " $userID"
+ read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N}
+ if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "User ID not revoked."
+ fi
+else
+ log debug "revoking user ID without prompting."
fi
# edit-key script command to revoke user ID
diff --git a/src/share/mh/set_expire b/src/share/mh/set_expire
index 0b581d9..14d2501 100644
--- a/src/share/mh/set_expire
+++ b/src/share/mh/set_expire
@@ -21,6 +21,15 @@ local extendTo
# get the new expiration date
extendTo=$(get_gpg_expiration "$1")
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (y/N) " OK; OK=${OK:-N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "expiration not set."
+ fi
+else
+ log debug "extending without prompting."
+fi
+
log info "setting host key expiration to ${extendTo}:"
log debug "executing host expire script..."
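Review bot: `OK` is assigned by `read` in the new prompt block without being declared local, although the hunk header shows this code sits next to `local extendTo`. The answer therefore leaks into the caller's scope. Adding `local OK` beside the existing declaration and using `read -r -p` would keep the confirmation state contained and stop backslashes in the reply from being interpreted. The enclosing function begins and ends outside this hunk.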