X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fmonkeysphere-server;h=a1844eeeba6af74cfe129836e7744d477ef54940;hb=8e6fcc118095adc58335c594f50d367393d8f61a;hp=0b63e5cefb476f637642ba46ee4bec58bb6c8600;hpb=f83f5532fb1cec60741ce07cf90df4abdf5b2c1f;p=monkeysphere.git diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 0b63e5c..a1844ee 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -132,13 +132,13 @@ show_server_key() { fingerprint=$(fingerprint_server_key) gpg_authentication "--fingerprint --list-key --list-options show-unusable-uids $fingerprint" - # dumping to a file named ' ' so that the ssh-keygen output - # doesn't claim any potentially bogus hostname(s): - tmpkey=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - gpg_authentication "--export $fingerprint" | openpgp2ssh "$fingerprint" 2>/dev/null > "$tmpkey/ " + # do some crazy "Here Strings" redirection to get the key to + # ssh-keygen, since it doesn't read from stdin cleanly echo -n "ssh fingerprint: " - (cd "$tmpkey" && ssh-keygen -l -f ' ' | awk '{ print $2 }') - rm -rf "$tmpkey" + ssh-keygen -l -f /dev/stdin \ + <<<$(gpg_authentication "--export $fingerprint" | \ + openpgp2ssh "$fingerprint" 2>/dev/null) | \ + awk '{ print $1, $2, $4 }' echo -n "OpenPGP fingerprint: " echo "$fingerprint" } @@ -180,7 +180,7 @@ update_users() { log verbose "----- user: $uname -----" # make temporary directory - TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX) + TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!" # trap to delete temporary directory on exit trap "rm -rf $TMPLOC" EXIT @@ -230,7 +230,7 @@ update_users() { # add user-controlled authorized_keys file if specified # translate ssh-style path variables rawAuthorizedKeys=$(translate_ssh_variables "$uname" "$RAW_AUTHORIZED_KEYS") - if [ "$rawAuthorizedKeys" ] ; then + if [ "$rawAuthorizedKeys" != 'none' ] ; then log debug "checking for raw authorized_keys..." if [ -s "$rawAuthorizedKeys" ] ; then # check permissions on the authorized_keys file path @@ -399,7 +399,11 @@ EOF (umask 077 && \ gpg_host --export-secret-key "$fingerprint" | \ openpgp2ssh "$fingerprint" > "${SYSDATADIR}/ssh_host_rsa_key") - log info "private SSH host key output to file: ${SYSDATADIR}/ssh_host_rsa_key" + log info "SSH host private key output to file: ${SYSDATADIR}/ssh_host_rsa_key" + ssh-keygen -y -f "${SYSDATADIR}/ssh_host_rsa_key" > "${SYSDATADIR}/ssh_host_rsa_key.pub" + log info "SSH host public key output to file: ${SYSDATADIR}/ssh_host_rsa_key.pub" + gpg_authentication "--export-options export-minimal --armor --export 0x${fingerprint}\!" > "${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" + log info "SSH host public key in OpenPGP form: ${SYSDATADIR}/ssh_host_rsa_key.pub.gpg" } # extend the lifetime of a host key: