X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere-host;h=d6e4c686287a57c0782e33896c08d44200252247;hb=b55981fb8aa689aede58ed7ab4d8692c52b5c472;hp=4aab995950e89ed1323275431594023810503da8;hpb=c4f049f6a8dfd1e0e301a6abffafb5c0012ccc0e;p=monkeysphere.git diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 4aab995..d6e4c68 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -32,6 +32,10 @@ MHSHAREDIR="${SYSSHAREDIR}/mh" # datadir for host functions MHDATADIR="${SYSDATADIR}/host" +# temp directory for temp gnupghome directories for add_revoker +MHTMPDIR="${MHDATADIR}/tmp" +export MHTMPDIR + # host pub key files HOST_KEY_PUB="${SYSDATADIR}/ssh_host_rsa_key.pub" HOST_KEY_PUB_GPG="${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" @@ -97,23 +101,6 @@ gpg_host_export() { "0x${HOST_FINGERPRINT}!" } -# export the host secret key to the monkeysphere ssh sec key file -# NOTE: assumes that the primary key is the proper key to use -create_ssh_sec_file() { - log debug "creating ssh secret key file..." - (umask 077 && \ - gpg_host --export-secret-key "$HOST_FINGERPRINT" | \ - openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key") - log info "SSH host secret key file: ${MHDATADIR}/ssh_host_rsa_key" -} - -# export the host public key to the monkeysphere ssh pub key file -create_ssh_pub_file() { - log debug "creating ssh public key file..." - ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB" - log info "SSH host public key file: $HOST_KEY_PUB" -} - # export the host public key to the monkeysphere gpg pub key file create_gpg_pub_file() { log debug "creating openpgp public key file..." @@ -123,6 +110,9 @@ create_gpg_pub_file() { # load the host fingerprint into the fingerprint variable, using the # export gpg pub key file +# FIXME: this seems much less than ideal, with all this temp keyring +# stuff. is there a way we can do this without having to create temp +# files? load_fingerprint() { if [ -f "$HOST_KEY_PUB_GPG" ] ; then HOST_FINGERPRINT=$( \ @@ -191,7 +181,7 @@ find_host_userid() { # show info about the host key show_key() { gpg_host --fingerprint --list-key --list-options show-unusable-uids \ - "0x${HOST_FINGERPRINT}!" 2>/dev/null + "0x${HOST_FINGERPRINT}!" 2>/dev/null || true # FIXME: make sure expiration date is shown echo "OpenPGP fingerprint: $HOST_FINGERPRINT" @@ -304,7 +294,7 @@ case $COMMAND in usage: $PGRM expert [options] [args] expert subcommands: - import-key (i) [NAME[:PORT]] import existing ssh key to gpg + import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg gen-key (g) [NAME[:PORT]] generate gpg key for the host --length (-l) BITS key length in bits (2048) diagnostics (d) monkeysphere host status