- fingerprint=$(fingerprint_server_key)
- gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprint"
-
- # do some crazy "Here Strings" redirection to get the key to
- # ssh-keygen, since it doesn't read from stdin cleanly
- echo -n "ssh fingerprint: "
- ssh-keygen -l -f /dev/stdin \
- <<<$(gpg_authentication "--export $fingerprint" | \
- openpgp2ssh "$fingerprint" 2>/dev/null) | \
- awk '{ print $1, $2, $4 }'
- echo -n "OpenPGP fingerprint: "
- echo "$fingerprint"
+ # FIXME: you shouldn't have to be root to see the host key fingerprint
+ if is_root ; then
+ check_host_keyring
+ fingerprintPGP=$(fingerprint_server_key)
+ gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprintPGP" 2>/dev/null
+ echo "OpenPGP fingerprint: $fingerprintPGP"
+ else
+ log info "You must be root to see host OpenPGP fingerprint."
+ ret='1'
+ fi
+
+ if [ -f "${SYSDATADIR}/ssh_host_rsa_key.pub" ] ; then
+ fingerprintSSH=$(ssh-keygen -l -f "${SYSDATADIR}/ssh_host_rsa_key.pub" | \
+ awk '{ print $1, $2, $4 }')
+ echo "ssh fingerprint: $fingerprintSSH"
+ else
+ log info "SSH host key not found."
+ ret='1'
+ fi
+
+ return $ret