# get the new expiration date
extendTo=$(get_gpg_expiration "$1")
-log info "setting host key expiration to ${extendTo}:"
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Are you sure you want to change the expiration on the host key to '$extendTo'? (Y/n) " OK; OK=${OK:-Y}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "expiration not set."
+ fi
+else
+ log debug "extending without prompting."
+fi
+
+log info "setting host key expiration to ${extendTo}."
log debug "executing host expire script..."
gpg_host_edit expire <<EOF