\fBmonkeysphere-host\fP takes various subcommands:
.TP
-.B import-key [NAME[:PORT]]
-Import a pem-encoded ssh secret host key, from stdin. NAME[:PORT] is
-used to specify the hostname (and port) used in the user ID of the new
+.B import-key FILE [NAME[:PORT]]
+Import a pem-encoded ssh secret host key from file FILE. If FILE
+is '-', then the key will be imported from stdin. NAME[:PORT] is used
+to specify the hostname (and port) used in the user ID of the new
OpenPGP key. If NAME is not specified, then the system
fully-qualified domain name will be used (ie. `hostname -f'). If PORT
is not specified, the no port is added to the user ID, which means
Output information about host's OpenPGP and SSH keys. `s' may be used
in place of `show-key'.
.TP
-.B extend-key EXPIRE
+.B extend-key [EXPIRE]
Extend the validity of the OpenPGP key for the host until EXPIRE from
the present. If EXPIRE is not specified, then the user will be
-prompted for the extension term. Expiration is specified like GnuPG
-does:
+prompted for the extension term. Expiration is specified as with
+GnuPG:
.nf
0 = key does not expire
<n> = key expires in n days
Monkeysphere host admin tool.
subcommands:
- import-key (i) [NAME[:PORT]] import existing ssh key to gpg
+ import-key (i) FILE [NAME[:PORT]] import existing ssh key to gpg
show-key (s) output all host key information
- set-expire (e) EXPIRE set host key expiration
+ set-expire (e) [EXPIRE] set host key expiration
add-hostname (n+) NAME[:PORT] add hostname user ID to host key
revoke-hostname (n-) NAME[:PORT] revoke hostname user ID
add-revoker (o) FINGERPRINT add a revoker to the host key
shift
case $COMMAND in
+ 'import-key'|'i')
+ check_host_key
+ source "${MHSHAREDIR}/import_key"
+ import_key "$@"
+ ;;
+
'show-key'|'show'|'s')
check_host_no_key
show_key
publish_key
;;
- 'import-key'|'i')
- check_host_key
- source "${MHSHAREDIR}/import_key"
- import_key "$@"
- ;;
-
'diagnostics'|'d')
load_fingerprint
source "${MHSHAREDIR}/diagnostics"
import_key() {
+local sshKeyFile
local hostName
local domain
local userID
-hostName="$1"
+sshKeyFile="$1"
+hostName="$2"
# use the default hostname if not specified
if [ -z "$hostName" ] ; then
mkdir -p "${GNUPGHOME_HOST}"
chmod 700 "${GNUPGHOME_HOST}"
-log verbose "importing ssh key..."
-# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
- | gpg_host --import
+# import ssh key to a private key
+if [ -z "$sshKeyFile" ] ; then
+ failure "Must specify ssh key file to import, or specify '-' for stdin."
+elif [ "$sshKeyFile" = '-' ] ; then
+ log verbose "importing ssh key from stdin..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ | gpg_host --import
+else
+ log verbose "importing ssh key from file '$sshKeyFile'..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ <"$sshKeyFile" \
+ | gpg_host --import
+fi
# load the new host fpr into the fpr variable. this is so we can
# create the gpg pub key file. we have to do this from the secret key
echo "##################################################"
echo "### import host key..."
ssh-keygen -b 1024 -t rsa -N '' -f "$TEMPDIR"/ssh_host_rsa_key
-monkeysphere-host import-key testhost < "$TEMPDIR"/ssh_host_rsa_key
+monkeysphere-host import-key "$TEMPDIR"/ssh_host_rsa_key testhost
echo "##################################################"
echo "### getting host key fingerprint..."