[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Dealing with lost key
From: |
Timothy Brownawell |
Subject: |
Re: [Monotone-devel] Dealing with lost key |
Date: |
Sat, 17 Jan 2009 19:27:42 +0000 |
On Thu, 2009-01-15 at 14:19 -0800, dlakelan wrote:
> I've lost a key which has been used to certify a variety of things in
> one project. I've generated a new key, and now I'd like to replace all
> the old certificates with new certificates from the new key, and have my
> collaborators do the same... so we don't get a lot of warnings about
> incorrect certs. How can I do this?
There's no simple way to replace certs like that, the easiest solution
is to just keep them and make sure the new key has a different name.
I don't think we have a command that can delete particular certs (except
branch certs, and that isn't by key), and I also don't think we have a
command to get all certs from a particular key.
If you really do need to delete the old certs and generate new ones,
something along these lines would probably work (not tested, may ruin
your db)...
# in case this breaks things horribly
cp your_db your_db_backup
# get a list of old certs
mtn -d your_db db execute "select hex(id), name,
replace(value,x'0A','NEWLINE') from revision_certs where keypair =
'your_keypair_id'" >old_certs
# delete old certs
mtn -d your_db db execute "delete from revision_certs where keypair =
'your_keypair_id'"
# create new certs to replace them
IFS='|'
while read revid cert_name cert_value
do
mtn -d your_db -k your_new_keypair_id cert $revid $cert_name "$(echo
$cert_value | sed 's/NEWLINE/\n/g')"
done
Collaborators would have to either (1) delete/rename their databases and
pull a fresh db from you (this includes any dedicated server databases,
those would also have to be deleted/replaced) or (2) run the backup and
delete-old-certs steps and re-pull (again including any dedicated
servers).
- [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/15
- Re: [Monotone-devel] Dealing with lost key,
Timothy Brownawell <=
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, Timothy Brownawell, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, Brian May, 2009/01/18
- Re: [Monotone-devel] Dealing with lost key, Ethan Blanton, 2009/01/18
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/21
- Re: [Monotone-devel] Dealing with lost key, Ethan Blanton, 2009/01/22