# function to interact with the gpg keyring
gpg_host() {
- GNUPGHOME="$GNUPGHOME_HOST" gpg --no-greeting --quiet --no-tty "$@"
+ GNUPGHOME="$GNUPGHOME_HOST" gpg --no-auto-check-trustdb --no-greeting --quiet --no-tty "$@"
}
# list the info about the a key, in colon format, to stdout
domain name you chose appears to only have the local part. For
example: don't use 'ssh://foo' ; use 'ssh://foo.example.com' instead."
- [[ "$name" =~ ^[a-z]([a-z0-9-]*[a-z0-9])?://[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.|((\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+))(:[1-9][0-9]{0,4})?$ ]] || \
+ [[ "$name" =~ ^[a-z0-9]([a-z0-9-]*[a-z0-9])?://[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.|((\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+))(:[1-9][0-9]{0,4})?$ ]] || \
failure "Not a valid service name: '$name'
Service names look like <scheme>://full.example.com[:<portnumber>],
if gpgOut=$(gpg_host_list_keys "=${userID}" 2>/dev/null) ; then
fingerprint=$(echo "$gpgOut" | grep '^fpr:' | cut -d: -f10)
if [ "$PROMPT" != "false" ] ; then
- printf "Service name '%s' is already being used by key '%s'.\nAre you sure you want to use it again? (y/N) " "$fingerprint" "$userID" >&2
+ printf "Service name '%s' is already being used by key '%s'.\nAre you sure you want to use it again? (y/N) " "$userID" "$fingerprint" >&2
read OK; OK=${OK:=N}
if [ "${OK/y/Y}" != 'Y' ] ; then
failure "Service name not added."
shift
local keys=$@
local i=0
- local fprs=($(list_primary_fingerprints <"$HOST_KEY_FILE"))
local key
check_no_keys
+ local fprs=($(list_primary_fingerprints <"$HOST_KEY_FILE"))
+
if [[ -z "$1" || "$1" == '--all' ]] ; then
keys="${fprs[@]}"
fi
for key in $keys ; do
if (( i++ > 0 )) ; then
- echo "##############################"
+ printf "\n"
fi
"$cmd" "$key"
done
# create the ssh key
tmpssh="$GNUPGHOME"/ssh_host_key_rsa_pub
- gpg --export "$fingerprint" 2>/dev/null \
+ gpg --export --no-armor "$fingerprint" 2>/dev/null \
| openpgp2ssh 2>/dev/null >"$tmpssh"
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
# FIXME: can we show uid validity somehow?
gpg --list-keys --list-options show-unusable-uids "$fingerprint" 2>/dev/null \
- | grep -v "^${GNUPGHOME}/pubring.gpg$" \
- | egrep -v '^-+$'
+ | grep -v "^${GNUPGHOME}/pubring.gpg$" \
+ | egrep -v '^-+$' \
+ | grep -v '^$'
# list revokers, if there are any
revokers=$(gpg --list-keys --with-colons --fixed-list-mode "$fingerprint" \
for key in $revokers ; do
echo "revoker: $key"
done
- echo
fi
# list the pgp fingerprint
shift
case $COMMAND in
- 'import-key'|'i')
+ 'import-key'|'import'|'i')
source "${MHSHAREDIR}/import_key"
import_key "$@"
;;
multi_key show_key "$@"
;;
- 'set-expire'|'extend-key'|'e')
+ 'set-expire'|'extend-key'|'extend'|'e')
source "${MHSHAREDIR}/set_expire"
set_expire "$@"
;;
update_pgp_pub_file
;;
- 'version'|'v')
+ 'version'|'--version'|'v')
version
;;