}
# generate a subkey with the 'a' usage flags set
-# FIXME: not working yet.
+# FIXME: this needs some tweaking to clean it up
gen_subkey(){
local keyID
local gpgOut
local userID
- log "warning: this function is still not working."
-
keyID="$1"
gpgOut=$(gpg --fixed-list-mode --list-keys --with-colons \
# return 1 if there only "tru" lines are output from gpg
if [ -z "$(echo "$gpgOut" | grep -v '^tru:')" ] ; then
- log " key not found."
- return 1
+ failure "Key ID '$keyID' not found."
fi
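Review bot: The comment above this check still reads `# return 1 if there only "tru" lines are output from gpg`, but the new branch calls `failure` instead of returning, so the comment no longer describes the code. Something like `# fail if gpg printed only "tru:" lines, i.e. no key matched "$keyID"` would match the new behaviour. If `failure` terminates the script (its definition is not visible here), this also changes behaviour for any caller that relied on gen_subkey returning 1. The body of gen_subkey begins before and continues after this hunk.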
# set subkey defaults
AUTHORIZED_USER_IDS=${AUTHORIZED_USER_IDS:-"${MS_HOME}/authorized_user_ids"}
GNUPGHOME=${GNUPGHOME:-"${HOME}/.gnupg"}
KEYSERVER=${KEYSERVER:-"subkeys.pgp.net"}
+CHECK_KEYSERVER=${CHECK_KEYSERVER:="true"}
REQUIRED_HOST_KEY_CAPABILITY=${REQUIRED_HOST_KEY_CAPABILITY:-"e a"}
REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-"a"}
-USER_CONTROLLED_AUTHORIZED_KEYS=${USER_CONTROLLED_AUTHORIZED_KEYS:-"%h/.ssh/authorized_keys"}
+USER_CONTROLLED_AUTHORIZED_KEYS=${USER_CONTROLLED_AUTHORIZED_KEYS:-"${HOME}/.ssh/authorized_keys"}
USER_KNOWN_HOSTS=${USER_KNOWN_HOSTS:-"${HOME}/.ssh/known_hosts"}
HASH_KNOWN_HOSTS=${HASH_KNOWN_HOSTS:-"true"}
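Review bot: A configuration that still sets `USER_CONTROLLED_AUTHORIZED_KEYS` to `%h/.ssh/authorized_keys` would now be passed through literally. The default switches to `${HOME}` here, and the later update-authorized_keys hunk deletes the expansion line `userAuthorizedKeys=${USER_CONTROLLED_AUTHORIZED_KEYS/\%h/"$HOME"}`. Depending on how `update_authorized_keys` treats a path that does not exist (not visible in this diff), the user's own keys could be silently left out of the generated authorized_keys file. Either keep the `%h` expansion for backward compatibility, or reject a value containing `%h` with an explicit `failure` message. Separately, `CHECK_KEYSERVER` uses `:=` where every neighbouring default uses `:-`; `CHECK_KEYSERVER=${CHECK_KEYSERVER:-"true"}` would be consistent.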
failure "known_hosts file '$USER_KNOWN_HOSTS' is empty."
fi
log "processing known_hosts file..."
- process_known_hosts "$USER_KNOWN_HOSTS" "$hostKeysCacheDir"
+ process_known_hosts "$hostKeysCacheDir"
fi
;;
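Review bot: `process_known_hosts` is now called with only `"$hostKeysCacheDir"`, so the function has to take the known_hosts path from the global `USER_KNOWN_HOSTS`. Its definition is not part of this hunk. If it still reads the file from `$1`, the cache directory would be treated as the known_hosts file, so the matching signature change should be confirmed in the same commit. A short comment at the call site, for example `# process_known_hosts reads $USER_KNOWN_HOSTS directly`, would make the implicit dependency on the global visible.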
for userID ; do
update_userid "$userID" "$userKeysCacheDir"
done
- log "run the following to update your monkeysphere authorized_keys file:"
+ log "Run the following to update your monkeysphere authorized_keys file:"
log "$PGRM update-authorized_keys"
;;
for userID ; do
remove_userid "$userID"
done
- log "run the following to update your monkeysphere authorized_keys file:"
+ log "Run the following to update your monkeysphere authorized_keys file:"
log "$PGRM update-authorized_keys"
;;
failure "$AUTHORIZED_USER_IDS is empty."
fi
- # set user-controlled authorized_keys file path
- userAuthorizedKeys=${USER_CONTROLLED_AUTHORIZED_KEYS/\%h/"$HOME"}
-
# update authorized_keys
- update_authorized_keys "$msAuthorizedKeys" "$userAuthorizedKeys" "$userKeysCacheDir"
+ update_authorized_keys "$msAuthorizedKeys" "$USER_CONTROLLED_AUTHORIZED_KEYS" "$userKeysCacheDir"
;;
'gen-subkey'|'g')
keyID="$1"
if [ -z "$keyID" ] ; then
- failure "you must specify keyid of primary key."
+ failure "You must specify the key ID of your primary key."
fi
gen_subkey "$keyID"
;;