--- /dev/null
+#!/bin/bash
+#
+# Copyright (C) 2011 W. Trevor King <wking@drexel.edu>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this program. If not, see
+# <http://www.gnu.org/licenses/>.
+
+# Use Monkeysphere IDs in your GnuPG keyring to identify entries in
+# your known_hosts file.
+#
+# usage: unhash-known-hosts.sh path/to/known_hosts
+
+KNOWN_HOSTS="~/.ssh/known_hosts"
+if [ -n "${1}" ]; then
+ KNOWN_HOSTS="${1}"
+fi
+
+GPG_IDS=$(gpg --list-keys ssh | grep pub | sed 's/^[^/]*\///' | sed 's/ .*//')
+if [ -z "${GPG_IDS}" ]; then
+ echo 'no SSH IDs found in GnuPG keyring'
+ exit 1
+fi
+
+declare -A GPG_KEY
+declare -A GPG_UID
+
+for GPG_ID in $GPG_IDS; do
+ GPG_ENTRY=$(gpg --export "${GPG_ID}" | openpgp2ssh)
+ GPG_KEY["${GPG_ENTRY}"]="${GPG_ID}"
+ GPG_UID["${GPG_ID}"]=$(gpg --list-keys "${GPG_ID}" | sed -n 's/^uid *//p')
+done
+
+while read ENTRY; do
+ if [ -n "${ENTRY}" ] && [ "${ENTRY:0:1}" == "|" ]; then
+ HASH=$(echo "${ENTRY}" | awk '{print $1}')
+ ALG=$(echo "${ENTRY}" | awk '{print $2}')
+ KEY=$(echo "${ENTRY}" | awk '{print $3}')
+ #echo "${ENTRY}"
+ #echo "ALG: ${ALG}"
+ #echo "KEY: ${KEY}"
+ ALG_KEY="${ALG} ${KEY}"
+ GPG_ID="${GPG_KEY[${ALG_KEY}]}"
+ if [ -n "${GPG_ID}" ]; then
+ echo "GnuPG ID ${GPG_ID} (${GPG_UID[$GPG_ID]}) matches ${HASH}"
+ else
+ echo "did not match ${HASH}"
+ fi
+ fi
+done < "${KNOWN_HOSTS}"