Diffstat (limited to 'src')
-rwxr-xr-xsrc/monkeysphere-host15
-rw-r--r--src/share/mh/gen_key4
-rw-r--r--src/share/mh/import_key4
3 files changed, 11 insertions, 12 deletions
diff --git a/src/monkeysphere-host b/src/monkeysphere-host
index 506dcf9..be398b1 100755
--- a/src/monkeysphere-host
+++ b/src/monkeysphere-host
@@ -102,10 +102,13 @@ gpg_host_export_to_ssh_file() {
}
# output just key fingerprint
-fingerprint_host_key() {
+# FIXME: should not have to be priviledged user to get host
+# fingerprint. should be taken from publicly accessible key files,
+# instead of the keyring.
+get_host_fingerprint() {
gpg_host --list-secret-keys --fingerprint \
--with-colons --fixed-list-mode 2> /dev/null | \
- grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null
+ grep '^fpr:' | head -1 | cut -d: -f10 2>/dev/null || true
}
# output the index of a user ID on the host key
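Review bot: `get_host_fingerprint` now prints an empty string with status 0 both when the keyring has no host key and when `gpg_host` itself fails (for example an unreadable keyring), because gpg's stderr is discarded and `|| true` masks the pipeline status. The `[ "$HOST_FINGERPRINT" ] && failure "An OpenPGP host key already exists."` guards in src/share/mh/gen_key and src/share/mh/import_key would then treat a failed lookup as "no host key" and continue. The lookups after key generation and import in those two files also appear to export an empty fingerprint without any check, though the code after them is outside the hunks. I would document the contract above the function, e.g. `# prints nothing (status 0) when no key is found or gpg_host fails; callers must test for empty`, and add a check such as `[ "$HOST_FINGERPRINT" ] || failure "Could not determine host key fingerprint."` after the post-generation and post-import lookups.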
@@ -142,12 +145,9 @@ check_host_fail() {
show_key() {
local fingerprintSSH
- # FIXME: should not have to be priviledged user to see this info.
- # should be taken from publicly accessible key files, instead of
- # the keyring.
-
gpg_host --fingerprint --list-key --list-options show-unusable-uids \
"0x${HOST_FINGERPRINT}!" 2>/dev/null
+ # FIXME: make sure expiration date is shown
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
@@ -160,7 +160,6 @@ show_key() {
log error "SSH host key not found."
fi
- # FIXME: show expiration date
# FIXME: other relevant key parameters?
}
@@ -188,7 +187,7 @@ CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="true"}
GNUPGHOME_HOST=${MONKEYSPHERE_GNUPGHOME_HOST:="${MHDATADIR}"}
# host key fingerprint
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
# host pub key files
HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub"
diff --git a/src/share/mh/gen_key b/src/share/mh/gen_key
index 44109bb..7b427e4 100644
--- a/src/share/mh/gen_key
+++ b/src/share/mh/gen_key
@@ -21,7 +21,7 @@ local keyExpire="0"
local userID
# check for presense of a key
-[ "$FINGERPRINT" ] && \
+[ "$HOST_FINGERPRINT" ] && \
failure "An OpenPGP host key already exists."
# get options
@@ -62,7 +62,7 @@ Expire-Date: $keyExpire
EOF
# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
export HOST_FINGERPRINT
# translate the private key to ssh format, and export to a file
diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index 1efb1ac..99511a8 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -17,7 +17,7 @@ local hostName
local userID
# check for presense of a key
-[ "$FINGERPRINT" ] && \
+[ "$HOST_FINGERPRINT" ] && \
failure "An OpenPGP host key already exists."
hostName=${1:-$(hostname -f)}
@@ -34,7 +34,7 @@ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \
gpg_host --import
# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(fingerprint_host_key)
+HOST_FINGERPRINT=$(get_host_fingerprint)
export HOST_FINGERPRINT
# export public key to file