From 10888c602170f6157ff43a81bad920babdd6a59e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 20 Feb 2009 12:27:01 -0500 Subject: monkeysphere-host revoke-key should now be capable of publishing the revocation certificate to the keyservers directly, should the admin want that. It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In the no-prompts case, it never publishes to the keyserver, it indicates that the key was compromised, and it writes a boilerplate description to make it easy to identify this kind of certificate. --- src/monkeysphere-host | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'src/monkeysphere-host') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 4c7df88..efa48cd 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -56,12 +56,13 @@ Monkeysphere host admin tool. subcommands: import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg show-key (s) output all host key information + publish-key (p) publish host key to keyserver set-expire (e) [EXPIRE] set host key expiration add-hostname (n+) NAME[:PORT] add hostname user ID to host key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID - add-revoker (o) [KEYID|FILE] add a revoker to the host key - revoke-key (r) revoke host key - publish-key (p) publish host key to keyserver + add-revoker (r+) [KEYID|FILE] add a revoker to the host key + revoke-key generate and/or publish revocation + certificate for host key version (v) show version number help (h,?) this help @@ -268,14 +269,14 @@ case $COMMAND in revoke_hostname "$@" ;; - 'add-revoker'|'o') + 'add-revoker'|'r+') check_host_no_key load_fingerprint source "${MHSHAREDIR}/add_revoker" add_revoker "$@" ;; - 'revoke-key'|'r') + 'revoke-key') check_host_no_key load_fingerprint source "${MHSHAREDIR}/revoke_key" -- cgit v1.2.3