projects
/
monkeysphere.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
make host show_key use just the pgp pub key file to get the ssh fingerprint, as it...
[monkeysphere.git]
/
src
/
monkeysphere-host
diff --git
a/src/monkeysphere-host
b/src/monkeysphere-host
index d6e4c686287a57c0782e33896c08d44200252247..ff28486a1b8f7ec36342a25508935c77948e0fb1 100755
(executable)
--- a/
src/monkeysphere-host
+++ b/
src/monkeysphere-host
@@
-37,8
+37,7
@@
MHTMPDIR="${MHDATADIR}/tmp"
export MHTMPDIR
# host pub key files
export MHTMPDIR
# host pub key files
-HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub"
-HOST_KEY_PUB_GPG="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
+HOST_KEY_FILE="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg"
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
@@
-67,12
+66,12
@@
subcommands:
revoke-key (r) revoke host key
publish-key (p) publish host key to keyserver
revoke-key (r) revoke host key
publish-key (p) publish host key to keyserver
- expert <expert-subcommand> run expert command
- expert help expert command help
+ import-key (i) [NAME[:PORT]] import existing ssh key to gpg
version (v) show version number
help (h,?) this help
version (v) show version number
help (h,?) this help
+See ${PGRM}(8) for more info.
EOF
}
EOF
}
@@
-95,17
+94,12
@@
gpg_host_edit() {
"0x${HOST_FINGERPRINT}!" "$@"
}
"0x${HOST_FINGERPRINT}!" "$@"
}
-# export the host key to stdout
-gpg_host_export() {
- gpg_host --export --armor --export-options export-minimal \
- "0x${HOST_FINGERPRINT}!"
-}
-
# export the host public key to the monkeysphere gpg pub key file
create_gpg_pub_file() {
log debug "creating openpgp public key file..."
# export the host public key to the monkeysphere gpg pub key file
create_gpg_pub_file() {
log debug "creating openpgp public key file..."
- gpg_host_export > "$HOST_KEY_PUB_GPG"
- log info "GPG host public key file: $HOST_KEY_PUB_GPG"
+ gpg_host --export --armor --export-options export-minimal \
+ "0x${HOST_FINGERPRINT}!" > "$HOST_KEY_FILE"
+ log info "GPG host public key file: $HOST_KEY_FILE"
}
# load the host fingerprint into the fingerprint variable, using the
}
# load the host fingerprint into the fingerprint variable, using the
@@
-114,12
+108,12
@@
create_gpg_pub_file() {
# stuff. is there a way we can do this without having to create temp
# files?
load_fingerprint() {
# stuff. is there a way we can do this without having to create temp
# files?
load_fingerprint() {
- if [ -f "$HOST_KEY_
PUB_GPG
" ] ; then
+ if [ -f "$HOST_KEY_
FILE
" ] ; then
HOST_FINGERPRINT=$( \
(FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \
&& gpg --quiet --import \
&& gpg --quiet --list-keys --with-colons --with-fingerprint \
HOST_FINGERPRINT=$( \
(FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \
&& gpg --quiet --import \
&& gpg --quiet --list-keys --with-colons --with-fingerprint \
- && rm -rf "$FUBAR") <"$HOST_KEY_
PUB_GPG
" \
+ && rm -rf "$FUBAR") <"$HOST_KEY_
FILE
" \
| grep '^fpr:' | cut -d: -f10 )
else
HOST_FINGERPRINT=
| grep '^fpr:' | cut -d: -f10 )
else
HOST_FINGERPRINT=
@@
-135,13
+129,6
@@
load_fingerprint_secret() {
| grep '^fpr:' | cut -d: -f10 )
}
| grep '^fpr:' | cut -d: -f10 )
}
-# output host key ssh fingerprint
-load_ssh_fingerprint() {
- [ -f "$HOST_KEY_PUB" ] || return 0
- HOST_FINGERPRINT_SSH=$(ssh-keygen -l -f "$HOST_KEY_PUB" \
- | awk '{ print $1, $2, $4 }')
-}
-
# fail if host key present
check_host_key() {
[ -z "$HOST_FINGERPRINT" ] \
# fail if host key present
check_host_key() {
[ -z "$HOST_FINGERPRINT" ] \
@@
-186,13
+173,10
@@
show_key() {
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
- load_ssh_fingerprint
-
- if [ "$HOST_FINGERPRINT_SSH" ] ; then
- echo "ssh fingerprint: $HOST_FINGERPRINT_SSH"
- else
- log error "SSH host key not found."
- fi
+ echo -n "ssh fingerprint: "
+ ssh-keygen -l -f /dev/stdin \
+ <<<$(openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null) \
+ | awk '{ print $1, $2, $4 }'
# FIXME: other relevant key parameters?
}
# FIXME: other relevant key parameters?
}
@@
-229,7
+213,6
@@
export KEYSERVER
export GNUPGHOME_HOST
export GNUPGHOME
export HOST_FINGERPRINT=
export GNUPGHOME_HOST
export GNUPGHOME
export HOST_FINGERPRINT=
-export HOST_FINGERPRINT_SSH=
# get subcommand
COMMAND="$1"
# get subcommand
COMMAND="$1"
@@
-285,47
+268,16
@@
case $COMMAND in
publish_key
;;
publish_key
;;
- 'expert')
- SUBCOMMAND="$1"
- shift
- case "$SUBCOMMAND" in
- 'help'|'h'|'?')
- cat <<EOF
-usage: $PGRM expert <subcommand> [options] [args]
-
-expert subcommands:
- import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg
- gen-key (g) [NAME[:PORT]] generate gpg key for the host
- --length (-l) BITS key length in bits (2048)
- diagnostics (d) monkeysphere host status
+ 'import-key'|'i')
+ load_fingerprint
+ check_host_key
+ source "${MHSHAREDIR}/import_key"
+ import_key "$@"
+ ;;
-EOF
- ;;
-
- 'import-key'|'i')
- load_fingerprint
- check_host_key
- source "${MHSHAREDIR}/import_key"
- import_key "$@"
- ;;
-
- 'gen-key'|'g')
- load_fingerprint
- check_host_key
- source "${MHSHAREDIR}/gen_key"
- gen_key "$@"
- ;;
-
- 'diagnostics'|'d')
- source "${MHSHAREDIR}/diagnostics"
- diagnostics
- ;;
-
- *)
- failure "Unknown expert subcommand: '$COMMAND'
-Type '$PGRM help' for usage."
- ;;
- esac
+ 'diagnostics'|'d')
+ source "${MHSHAREDIR}/diagnostics"
+ diagnostics
;;
'version'|'v')
;;
'version'|'v')