- if [ -f "${MHDATADIR}/ssh_host_rsa_key.pub" ] ; then
- fingerprintSSH=$(ssh-keygen -l -f "${MHDATADIR}/ssh_host_rsa_key.pub" | \
- awk '{ print $1, $2, $4 }')
- echo "ssh fingerprint: $fingerprintSSH"
- else
- log info "SSH host key not found."
+ # get the gpg fingerprint
+ fingerprint=$(gpg --quiet --list-keys \
+ --with-colons --with-fingerprint "$id" \
+ | grep '^fpr:' | cut -d: -f10 )
+
+ # list the host key info
+ # FIXME: make no-show-keyring work so we don't have to do the grep'ing
+ # FIXME: can we show uid validity somehow?
+ gpg --list-keys --list-options show-unusable-uids "$id" 2>/dev/null \
+ | grep -v "^${GNUPGHOME}/pubring.gpg$" \
+ | egrep -v '^-+$'
+
+ # list revokers, if there are any
+ revokers=$(gpg --list-keys --with-colons --fixed-list-mode "$id" \
+ | awk -F: '/^rvk:/{ print $10 }' )
+ if [ "$revokers" ] ; then
+ echo "The following keys are allowed to revoke this host key:"
+ for key in $revokers ; do
+ echo "revoker: $key"
+ done
+ echo