projects
/
monkeysphere.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
don't use /dev/stdin hack with ssh-keygen to get ssh fingerprint. just use a tmp...
[monkeysphere.git]
/
src
/
monkeysphere-host
diff --git
a/src/monkeysphere-host
b/src/monkeysphere-host
index 152b469233cf381faba7f5f5ebdc193d3e6d2c3a..a67715f3ae30fd60f92d9263c591ecc8082159ce 100755
(executable)
--- a/
src/monkeysphere-host
+++ b/
src/monkeysphere-host
@@
-54,6
+54,7
@@
usage: $PGRM <subcommand> [options] [args]
Monkeysphere host admin tool.
subcommands:
Monkeysphere host admin tool.
subcommands:
+ import-key (i) [NAME[:PORT]] import existing ssh key to gpg
show-key (s) output all host key information
set-expire (e) EXPIRE set host key expiration
add-hostname (n+) NAME[:PORT] add hostname user ID to host key
show-key (s) output all host key information
set-expire (e) EXPIRE set host key expiration
add-hostname (n+) NAME[:PORT] add hostname user ID to host key
@@
-62,8
+63,6
@@
subcommands:
revoke-key (r) revoke host key
publish-key (p) publish host key to keyserver
revoke-key (r) revoke host key
publish-key (p) publish host key to keyserver
- import-key (i) [NAME[:PORT]] import existing ssh key to gpg
-
version (v) show version number
help (h,?) this help
version (v) show version number
help (h,?) this help
@@
-86,8
+85,6
@@
gpg_host_list() {
}
# command for edit key scripts, takes scripts on stdin
}
# command for edit key scripts, takes scripts on stdin
-# FIXME: should we supress all the edit script spew? or pipe it
-# through log debug?
gpg_host_edit() {
gpg_host --command-fd 0 --edit-key "0x${HOST_FINGERPRINT}!" "$@"
}
gpg_host_edit() {
gpg_host --command-fd 0 --edit-key "0x${HOST_FINGERPRINT}!" "$@"
}
@@
-113,7
+110,7
@@
load_fingerprint() {
&& rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
| grep '^fpr:' | cut -d: -f10 )
else
&& rm -rf "$FUBAR") <"$HOST_KEY_FILE" \
| grep '^fpr:' | cut -d: -f10 )
else
- HOST_FINGERPRINT=
+ failure "host key gpg pub file not found."
fi
}
fi
}
@@
-175,6
+172,11
@@
show_key() {
# import the host key into the tmp dir
gpg --quiet --import <"$HOST_KEY_FILE"
# import the host key into the tmp dir
gpg --quiet --import <"$HOST_KEY_FILE"
+ # create the ssh key
+ TMPSSH="$GNUPGHOME"/ssh_host_key_rsa_pub
+ openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null >"$TMPSSH"
+
+ # get the gpg fingerprint
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
| grep '^fpr:' | cut -d: -f10 )
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
| grep '^fpr:' | cut -d: -f10 )
@@
-191,9
+193,7
@@
show_key() {
# list the ssh fingerprint
echo -n "ssh fingerprint: "
# list the ssh fingerprint
echo -n "ssh fingerprint: "
- ssh-keygen -l -f /dev/stdin \
- <<<$(openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null) \
- | awk '{ print $1, $2, $4 }'
+ ssh-keygen -l -f "$TMPSSH" | awk '{ print $1, $2, $4 }'
# remove the tmp file
trap - EXIT
# remove the tmp file
trap - EXIT
@@
-296,6
+296,7
@@
case $COMMAND in
;;
'update-gpg-pub-file')
;;
'update-gpg-pub-file')
+ load_fingerprint_secret
update_gpg_pub_file
;;
update_gpg_pub_file
;;