-check_host_keyring() {
- fingerprint_server_key >/dev/null \
- || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-server gen-key' first."
+check_host_fail() {
+ [ "$HOST_FINGERPRINT" ] || \
+ failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host expert import-key' first."
+}
+
+# show info about the host key
+show_key() {
+ local fingerprintSSH
+
+ # FIXME: should not have to be priviledged user to see this info.
+ # should be taken from publicly accessible key files, instead of
+ # the keyring.
+
+ gpg_host --fingerprint --list-key --list-options show-unusable-uids \
+ "0x${HOST_FINGERPRINT}!" 2>/dev/null
+
+ echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
+
+ if [ -f "${MHDATADIR}/ssh_host_rsa_key.pub" ] ; then
+ fingerprintSSH=$(ssh-keygen -l -f "${MHDATADIR}/ssh_host_rsa_key.pub" | \
+ awk '{ print $1, $2, $4 }')
+ echo "ssh fingerprint: $fingerprintSSH"
+ else
+ log info "SSH host key not found."
+ fi
+
+ # FIXME: show expiration date
+ # FIXME: other relevant key parameters?