# rhesus shell script when run in administrative mode to maintain
# authorized_keys files for users.
-AUTH_USER_FILE=/etc/monkeysphere/auth_user_ids/"$USER"
+AUTHORIZED_USER_IDS=/etc/monkeysphere/authorized_user_ids/"$USER"
STAGING_AREA=/var/lib/monkeysphere/stage/"$USER"
# gpg keyserver to search for keys
KEYSERVER=subkeys.pgp.net
+
+# required capabilities of keys
+# must be quoted, lowercase, space-seperated list of the following:
+# e = encrypt
+# s = sign
+# c = certify
+# a = authentication
+REQUIRED_KEY_CAPABILITY="e a"
+
+# Path to user-controlled authorized_keys file to add to
+# Monkeysphere-generated authorized_keys file. If empty, then no
+# user-controlled file will be added. To specify the user's home
+# directory, use the string "~${USER}"
+USER_CONTROLLED_AUTHORIZED_KEYS="~${USER}/.ssh/authorized_keys"
+