publish_key() {
-read -p "Really publish host key to $KEYSERVER? (y/N) " OK; OK=${OK:=N}
-if [ ${OK/y/Y} != 'Y' ] ; then
- failure "key not published."
+local GNUPGHOME
+
+if [ "$PROMPT" = "true" ] ; then
+ read -p "Really publish host key to $KEYSERVER? (Y/n) " OK; OK=${OK:=Y}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "key not published."
+ fi
+else
+ log debug "publishing key without prompting."
fi
-# find the key fingerprint
-fingerprint=$(fingerprint_server_key)
+# create a temporary gnupg directory from which to publish the key
+export GNUPGHOME=$(msmktempdir)
+
+# trap to remove tmp dir if break
+trap "rm -rf $GNUPGHOME" EXIT
+
+# import the host key into the tmp dir
+su_monkeysphere_user \
+ "gpg --quiet --import" <"$HOST_KEY_FILE"
# publish host key
-# FIXME: need to define how to do this
-#gpg_authentication "--keyserver $KEYSERVER --send-keys '0x${fingerprint}!'"
-echo "not published!!!"
+su_monkeysphere_user \
+ "gpg --keyserver $KEYSERVER --send-keys '0x${HOST_FINGERPRINT}!'"
+
+# remove the tmp file
+trap - EXIT
+rm -rf "$GNUPGHOME"
}