SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"}
export SYSSHAREDIR
-. "${SYSSHAREDIR}/common" || exit 1
+. "${SYSSHAREDIR}/defaultenv"
+. "${SYSSHAREDIR}/common"
SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
export SYSDATADIR
# unset some environment variables that could screw things up
unset GREP_OPTIONS
-# default return code
-RETURN=0
-
########################################################################
# FUNCTIONS
########################################################################
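Review bot: Both `.` lines at the top of this hunk now run without the `|| exit 1` that the removed line had, so if `defaultenv` or `common` is missing or unreadable the script may carry on without its helper functions and environment defaults (bash outside POSIX mode does not abort on a failed `.`). `SYSSHAREDIR` can be redirected through `MONKEYSPHERE_SYSSHAREDIR`, so a wrong path is a realistic failure, and a host-key tool should fail closed on it: `. "${SYSSHAREDIR}/defaultenv" || exit 1` and `. "${SYSSHAREDIR}/common" || exit 1`. If a `set -e` outside the visible lines already covers this, a one-line comment saying so would make the removal easier to trust.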
set-expire (e) [EXPIRE] set host key expiration
add-hostname (n+) NAME[:PORT] add hostname user ID to host key
revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
- add-revoker (r+) [KEYID|FILE] add a revoker to the host key
+ add-revoker (r+) KEYID|FILE add a revoker to the host key
revoke-key generate and/or publish revocation
certificate for host key
# show info about the host key
show_key() {
local GNUPGHOME
+ local TMPSSH
+ local revokers
# tmp gpghome dir
export GNUPGHOME=$(msmktempdir)
# create the ssh key
TMPSSH="$GNUPGHOME"/ssh_host_key_rsa_pub
- openpgp2ssh <"$HOST_KEY_FILE" 2>/dev/null >"$TMPSSH"
+ gpg --export | openpgp2ssh 2>/dev/null >"$TMPSSH"
# get the gpg fingerprint
HOST_FINGERPRINT=$(gpg --quiet --list-keys --with-colons --with-fingerprint \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
| egrep -v '^-+$'
+ # list revokers, if there are any
+ revokers=$(gpg --list-keys --with-colons --fixed-list-mode \
+ | awk -F: '/^rvk:/{ print $10 }' )
+ if [ "$revokers" ] ; then
+ echo "The following keys are allowed to revoke this host key:"
+ for key in $revokers ; do
+ echo "revoker: $key"
+ done
+ echo
+ fi
+
# list the pgp fingerprint
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
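Review bot: The new revoker listing cannot distinguish "no revokers" from "gpg failed". `revokers=$(gpg --list-keys ... | awk ...)` takes awk's exit status, so a gpg error leaves an empty string and the `if [ "$revokers" ]` block is skipped silently. A designated revoker can revoke the host key, so an operator auditing this output should not see a clean result when the listing itself did not run. Capturing the listing first and checking it would close the gap, e.g. `keylist=$(gpg --list-keys --with-colons --fixed-list-mode) || return 1` followed by `revokers=$(printf '%s\n' "$keylist" | awk -F: '/^rvk:/{ print $10 }')`. The loop variable `key` is also not declared `local` alongside the newly added `TMPSSH` and `revokers`; parts of `show_key` lie outside the visible lines, so any cleanup or status checks there are not reviewed here.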
;;
'version'|'v')
- echo "$VERSION"
+ version
;;
'--help'|'help'|'-h'|'h'|'?')
Type '$PGRM help' for usage."
;;
esac
-
-exit "$RETURN"