# show info about the host key
show_key() {
local GNUPGHOME
+ local TMPSSH
+ local revokers
# tmp gpghome dir
export GNUPGHOME=$(msmktempdir)
# list the host key info
# FIXME: make no-show-keyring work so we don't have to do the grep'ing
# FIXME: can we show uid validity somehow?
- # FIXME: show revokers as well
gpg --list-keys --fingerprint \
--list-options show-unusable-uids 2>/dev/null \
| grep -v "^${GNUPGHOME}/pubring.gpg$" \
| egrep -v '^-+$'
+ # list revokers, if there are any
+ revokers=$(gpg --list-keys --with-colons --fixed-list-mode \
+ | grep '^rvk:' | cut -d: -f10)
+ if [ "$revokers" ] ; then
+ echo "The following keys are allowed to revoke this host key:"
+ for key in $revokers ; do
+ echo "revoker: $key"
+ done
+ echo
+ fi
+
# list the pgp fingerprint
echo "OpenPGP fingerprint: $HOST_FINGERPRINT"
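Review bot: In the added revoker listing, `revokers` is filled from a `gpg | grep | cut` pipeline whose status is never checked, so a gpg failure prints exactly the same thing as a host key with no designated revokers. For output an administrator reads to learn who can revoke the host key, that silent empty result is misleading. Capture the listing first and stop on error, e.g. `keyinfo=$(gpg --list-keys --with-colons --fixed-list-mode) || return 1`, then derive `revokers` from `$keyinfo`. The loop variable `key` is also not declared, so it leaks into the caller's scope; add `local key` beside the new `local revokers`. `local TMPSSH` is added but unused in the visible lines; show_key continues outside this hunk, so it may be used there.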