}
# command for edit key scripts, takes scripts on stdin
+# FIXME: should we supress all the edit script spew? or pipe it
+# through log debug?
gpg_host_edit() {
gpg_host --quiet --command-fd 0 --edit-key \
"0x${HOST_FINGERPRINT}!" "$@"
# export gpg pub key file
# FIXME: this seems much less than ideal, with all this temp keyring
# stuff. is there a way we can do this without having to create temp
-# files?
+# files? what if we stored the fingerprint in MHDATADIR/fingerprint?
load_fingerprint() {
if [ -f "$HOST_KEY_FILE" ] ; then
HOST_FINGERPRINT=$( \
| grep '^fpr:' | cut -d: -f10 )
# list the host key info
+ # FIXME: make no-show-keyring work so we don't have to do the grep'ing
+ # FIXME: why is this not showing key expiration?
gpg --list-keys --fingerprint \
- --list-options show-unusable-uids 2>/dev/null
+ --list-options show-unusable-uids 2>/dev/null \
+ | grep -v "^${GNUPGHOME}/pubring.gpg$" \
+ | egrep -v '^-+$'
# list the pgp fingerprint
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
echo "WARNING: There is a known bug in this function."
echo "This function has been known to occasionally revoke the wrong user ID."
echo "Please see the following bug report for more information:"
-echo "http://web.monkeysphere.info/bugs/revoke-hostname-revoking-wrong-userid/"
+echo "https://labs.riseup.net/code/issues/show/422"
read -p "Are you sure you would like to proceed? (y/N) " OK; OK=${OK:=N}
if [ ${OK/y/Y} != 'Y' ] ; then
failure "aborting."