Separate required key capability variables for users and hosts.
[monkeysphere.git] / src / monkeysphere
index 997ca582a0dc0d936f117b217e067074fe83e82a..ff4423ba11107365afb2343f46232baf35bf1b22 100755 (executable)
@@ -35,7 +35,8 @@ MonkeySphere client tool.
 
 subcommands:
   update-known_hosts (k) [HOST]...  update known_hosts file
-  update-userids (u) [USERID]...    add/update userid
+  update-userids (u) [USERID]...    add/update user IDs
+  remove-userids (r) [USERID]...    remove user IDs
   update-authorized_keys (a)        update authorized_keys file
   gen-ae-subkey (g) KEYID           generate an 'ae' capable subkey
   help (h,?)                        this help
@@ -117,7 +118,8 @@ MS_CONF=${MS_CONF:-"${MS_HOME}/monkeysphere.conf"}
 AUTHORIZED_USER_IDS=${AUTHORIZED_USER_IDS:-"${MS_HOME}/authorized_user_ids"}
 GNUPGHOME=${GNUPGHOME:-"${HOME}/.gnupg"}
 KEYSERVER=${KEYSERVER:-"subkeys.pgp.net"}
-REQUIRED_KEY_CAPABILITY=${REQUIRED_KEY_CAPABILITY:-"e a"}
+REQUIRED_HOST_KEY_CAPABILITY=${REQUIRED_HOST_KEY_CAPABILITY:-"e a"}
+REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-"a"}
 USER_CONTROLLED_AUTHORIZED_KEYS=${USER_CONTROLLED_AUTHORIZED_KEYS:-"%h/.ssh/authorized_keys"}
 USER_KNOWN_HOSTS=${USER_KNOWN_HOSTS:-"${HOME}/.ssh/known_hosts"}
 HASH_KNOWN_HOSTS=${HASH_KNOWN_HOSTS:-"true"}
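Review bot: The old `REQUIRED_KEY_CAPABILITY` name is dropped with no fallback, so a value already set in the environment or a config file is silently ignored and both new variables take their defaults. For user keys the default is now `a` instead of `e a`, which presumably accepts more keys than before, so an existing stricter setting would be relaxed without any message. Consider honouring the old name as the default, e.g. `REQUIRED_USER_KEY_CAPABILITY=${REQUIRED_USER_KEY_CAPABILITY:-${REQUIRED_KEY_CAPABILITY:-"a"}}` and likewise for the host variable, or logging a warning when the old variable is set. Where the config file is read relative to these lines is not visible in the hunk.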
@@ -164,13 +166,26 @@ case $COMMAND in
        fi
        ;;
 
-    'update-userids'|'u')
+    'update-userids'|'update-userid'|'u')
        if [ -z "$1" ] ; then
            failure "you must specify at least one userid."
        fi
        for userID ; do
            update_userid "$userID" "$userKeysCacheDir"
        done
+       log "run the following to update your monkeysphere authorized_keys file:"
+       log "$PGRM update-authorized_keys"
+       ;;
+
+    'remove-userids'|'remove-userid'|'r')
+       if [ -z "$1" ] ; then
+           failure "you must specify at least one userid."
+       fi
+       for userID ; do
+           remove_userid "$userID"
+       done
+       log "run the following to update your monkeysphere authorized_keys file:"
+       log "$PGRM update-authorized_keys"
        ;;
 
     'update-authorized_keys'|'update-authorized-keys'|'a')
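Review bot: In the new `remove-userids` branch, removing a user ID does not take effect on its own: the branch only logs a reminder, and keys already written to the authorized_keys file presumably remain accepted until `update-authorized_keys` is run. For a removal that gap matters more than for an update, so the message should say so explicitly, e.g. `log "access is not revoked until you run: $PGRM update-authorized_keys"`, or the branch should regenerate the file itself. The loop also ignores the exit status of `remove_userid`, so the reminder is printed even when a removal failed; `remove_userid "$userID" || failure "could not remove user ID '$userID'."` would surface that. `remove_userid` is defined outside the hunk, so its own error handling cannot be checked here.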