blob: f7c69c3eaeb007becc0f59fc5d4fa74ec6f5c3e6 (
plain)
- # -*-shell-script-*-
- # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
- # Monkeysphere host import-key subcommand
- #
- # The monkeysphere scripts are written by:
- # Jameson Rollins <jrollins@finestructure.net>
- # Jamie McClelland <jm@mayfirst.org>
- # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- #
- # They are Copyright 2008-2009 and are all released under the GPL,
- # version 3 or later.
- import_key() {
- local sshKeyFile
- local hostName
- local domain
- local userID
- sshKeyFile="$1"
- hostName="$2"
- # check that key file specified
- if [ -z "$sshKeyFile" ] ; then
- failure "Must specify ssh key file to import, or specify '-' for stdin."
- fi
- # fail if hostname not specified
- if [ -z "$hostName" ] ; then
- failure "You must specify a fully-qualified domain name for use in the host certificate user ID."
- fi
- userID="ssh://${hostName}"
- # create host home
- mkdir -p "${MHDATADIR}"
- mkdir -p "${GNUPGHOME_HOST}"
- chmod 700 "${GNUPGHOME_HOST}"
- # import ssh key to a private key
- if [ "$sshKeyFile" = '-' ] ; then
- log verbose "importing ssh key from stdin..."
- PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
- | gpg_host --import
- else
- log verbose "importing ssh key from file '$sshKeyFile'..."
- PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
- <"$sshKeyFile" \
- | gpg_host --import
- fi
- # load the new host fpr into the fpr variable. this is so we can
- # create the gpg pub key file. we have to do this from the secret key
- # ring since we obviously don't have the gpg pub key file yet, since
- # that's what we're trying to produce (see below).
- load_fingerprint_secret
- # export to gpg public key to file
- update_gpg_pub_file
- log info "host key imported:"
- # show info about new key
- show_key
- }
|
