summaryrefslogtreecommitdiff
path: root/src/share
diff options
context:
space:
mode:
Diffstat (limited to 'src/share')
-rw-r--r--src/share/ma/setup12
-rw-r--r--src/share/ma/update_users2
-rw-r--r--src/share/mh/gen_key12
-rw-r--r--src/share/mh/import_key4
4 files changed, 17 insertions, 13 deletions
diff --git a/src/share/ma/setup b/src/share/ma/setup
index abce3af..672a960 100644
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -12,8 +12,9 @@
# version 3 or later.
setup() {
- # make the core and the sphere:
- mkdir -p "${SYSDATADIR}"/authentication
+ # make all needed directories
+ mkdir -p "${MADATADIR}"
+ mkdir -p "${MATMPDIR}"
mkdir -p "${GNUPGHOME_SPHERE}"
mkdir -p "${GNUPGHOME_CORE}"
@@ -46,14 +47,17 @@ EOF
local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
- local TMPLOC=$(mktemp -d ${MATMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
- ssh-keygen -q -b 2048 -t rsa -N'' "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
+ local TMPLOC=$(mktemp -d "${MATMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
+ # generate the key with ssh-keygen...
+ ssh-keygen -q -b 1024 -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
+ # and then translate to openpgp encoding and import
# FIXME: pem2openpgp currently sets the A flag and a short
# expiration date. We should set the C flag and no expiration
# date.
< "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg --import || failure "Could not import new key for Monkeysphere authentication trust core"
+ gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key
CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
if [ -z "$CORE_FPR" ] ; then
failure "Failed to create Monkeysphere authentication trust core!"
diff --git a/src/share/ma/update_users b/src/share/ma/update_users
index 73685f6..e9e3cc6 100644
--- a/src/share/ma/update_users
+++ b/src/share/ma/update_users
@@ -35,7 +35,7 @@ MODE="authorized_keys"
GNUPGHOME="$GNUPGHOME_SPHERE"
# the authorized_keys directory
-authorizedKeysDir="${SYSDATADIR}/authentication/authorized_keys"
+authorizedKeysDir="${MADATADIR}/authorized_keys"
# check to see if the gpg trust database has been initialized
if [ ! -s "${GNUPGHOME}/trustdb.gpg" ] ; then
diff --git a/src/share/mh/gen_key b/src/share/mh/gen_key
index 162a64e..c0445db 100644
--- a/src/share/mh/gen_key
+++ b/src/share/mh/gen_key
@@ -90,12 +90,12 @@ fingerprint=$(fingerprint_server_key)
# NOTE: assumes that the primary key is the proper key to use
(umask 077 && \
gpg_host --export-secret-key "$fingerprint" | \
- openpgp2ssh "$fingerprint" > "${SYSDATADIR}/ssh_host_rsa_key")
-log info "SSH host private key output to file: ${SYSDATADIR}/ssh_host_rsa_key"
-ssh-keygen -y -f "${SYSDATADIR}/ssh_host_rsa_key" > "${SYSDATADIR}/ssh_host_rsa_key.pub"
-log info "SSH host public key output to file: ${SYSDATADIR}/ssh_host_rsa_key.pub"
-gpg_host "--export-options export-minimal --armor --export 0x${fingerprint}\!" > "${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
-log info "SSH host public key in OpenPGP form: ${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
+ openpgp2ssh "$fingerprint" > "${MHDATADIR}/ssh_host_rsa_key")
+log info "SSH host private key output to file: ${MHDATADIR}/ssh_host_rsa_key"
+ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "${MHDATADIR}/ssh_host_rsa_key.pub"
+log info "SSH host public key output to file: ${MHDATADIR}/ssh_host_rsa_key.pub"
+gpg_host "--export-options export-minimal --armor --export 0x${fingerprint}\!" > "${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
+log info "SSH host public key in OpenPGP form: ${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
# show info about new key
show_key
diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index c0d5956..0f16d27 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -79,8 +79,8 @@ log verbose "setting ultimate owner trust for host key..."
echo "${fingerprint}:6:" | gpg_host "--import-ownertrust"
# export public key to file
-gpg_host "--export-options export-minimal --armor --export 0x${fingerprint}\!" > "${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
-log info "SSH host public key in OpenPGP form: ${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
+gpg_host "--export-options export-minimal --armor --export 0x${fingerprint}\!" > "${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
+log info "SSH host public key in OpenPGP form: ${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
# show info about new key
show_key