blob: 940b5f462f2ef7694a1d772e9aee2992d5bb3d54 (
plain)
- # -*-shell-script-*-
- # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
- # Monkeysphere host revoke-hostname subcommand
- #
- # The monkeysphere scripts are written by:
- # Jameson Rollins <jrollins@finestructure.net>
- # Jamie McClelland <jm@mayfirst.org>
- # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- #
- # They are Copyright 2008-2009, and are all released under the GPL,
- # version 3 or later.
- # revoke hostname user ID from host key
- revoke_hostname() {
- local userID
- local fingerprint
- local tmpuidMatch
- local line
- local uidIndex
- local message
- local revuidCommand
- if [ -z "$1" ] ; then
- failure "You must specify a hostname to revoke."
- fi
- echo "WARNING: There is a known bug in this function."
- echo "This function has been known to occasionally revoke the wrong user ID."
- echo "Please see the following bug report for more information:"
- echo "http://web.monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/"
- read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N}
- if [ ${OK/y/Y} != 'Y' ] ; then
- failure "aborting."
- fi
- userID="ssh://${1}"
- # make sure the user ID to revoke
- uidIndex=$(find_host_userid) || \
- failure "No non-revoked user ID found matching '$userID'."
- echo "The following host key user ID will be revoked:"
- echo " $userID"
- read -p "Are you sure you would like to revoke this user ID? (y/N) " OK; OK=${OK:=N}
- if [ ${OK/y/Y} != 'Y' ] ; then
- failure "User ID not revoked."
- fi
- # edit-key script command to revoke user ID
- revuidCommand=$(cat <<EOF
- $uidIndex
- revuid
- y
- 4
- Hostname removed by monkeysphere-host: $DATE
- y
- save
- EOF
- )
- # execute edit-key script
- if echo "$revuidCommand" | gpg_host_edit ; then
- show_key
- echo
- echo "NOTE: User ID revoked, but revocation not published."
- echo "Run '$PGRM publish-key' to publish the revocation."
- else
- failure "Problem revoking user ID."
- fi
- }
|