authorJameson Graef Rollins <jrollins@phys.columbia.edu>2008-05-25 14:49:26 -0400
committerJameson Graef Rollins <jrollins@phys.columbia.edu>2008-05-25 14:49:26 -0400
commit03f7058885d83592f3fe4faefc2d3fb148615ec4 (patch)
treebb48db17f75abaf5438d83e3d4cb3c85cbf8d717
parent491612988f2207deaa479249f5a42c9e916704d1 (diff)
add new component "howler": small script to generate and publish a gpg
key for a server
-rwxr-xr-xhowler/howler78
1 files changed, 78 insertions, 0 deletions
diff --git a/howler/howler b/howler/howler
new file mode 100755
index 0000000..7e33471
--- /dev/null
+++ b/howler/howler
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+# howler: server gpg key generator/publisher
+#
+# Written by
+# Jameson Rollins <jrollins@fifthhorseman.net>
+#
+# Copyright 2008, released under the GPL, version 3 or later
+
+CMD=$(basename $0)
+
+########################################################################
+# FUNCTIONS
+########################################################################
+
+failure() {
+ echo "$1" >&2
+ exit ${2:-'1'}
+}
+
+########################################################################
+# MAIN
+########################################################################
+
+MS_HOME=${MS_HOME:-/etc/monkeysphere}
+
+. "$MS_HOME"/monkeysphere.conf
+
+export GNUPGHOME
+
+KEY_TYPE=${KEY_TYPE:-RSA}
+KEY_LENGTH=${KEY_LENGTH:-2048}
+KEY_USAGE=${KEY_USAGE:-encrypt,auth}
+SERVICE=${SERVICE:-ssh}
+HOSTNAME=${HOSTNAME:-$(hostname -f)}
+
+USERID=${USERID:-"$SERVICE"://"$HOSTNAME"}
+
+echo "key parameters:"
+cat <<EOF
+Key-Type: $KEY_TYPE
+Key-Length: $KEY_LENGTH
+Key-Usage: $KEY_USAGE
+Name-Real: $USERID
+EOF
+
+read -p "generate key? [Y|n]: " OK; OK=${OK:=Y}
+if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "aborting."
+fi
+
+if gpg --list-key ="$USERID" > /dev/null 2>&1 ; then
+ failure "key for '$USERID' already exists"
+fi
+
+echo "generating server key..."
+gpg --batch --gen-key <<EOF
+Key-Type: $KEY_TYPE
+Key-Length: $KEY_LENGTH
+Key-Usage: $KEY_USAGE
+Name-Real: $USERID
+%commit
+EOF
+
+read -p "publish key to $KEY_SERVER? [Y|n]: " OK; OK=${OK:=Y}
+if [ ${OK/y/Y} != 'Y' ] ; then
+ failure "aborting."
+fi
+
+echo "sending key to keyserver '$KEYSERVER'..."
+keyID=$(gpg --list-key --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5)
+
+# dummy command so as not to publish fakes keys during testing
+# eventually:
+#gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
+echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
+
+echo "done."
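Review bot: The publish prompt `read -p "publish key to $KEY_SERVER? [Y|n]: " OK` reads `$KEY_SERVER`, while the send step and the commented-out real command below it use `$KEYSERVER`, so the prompt shows an empty server name; the value presumably comes from the sourced monkeysphere.conf, and the prompt should use `$KEYSERVER` with a guard such as `[ -n "$KEYSERVER" ] || failure "KEYSERVER not set"` before it is used. The `gpg --batch --gen-key` call is not checked, so a failed generation still leads to the publish prompt and an empty `$keyID`; `gpg --batch --gen-key <<EOF || failure "key generation failed"` on the heredoc line, plus `[ -n "$keyID" ] || failure "no key found for '$USERID'"` after the `keyID=` assignment, closes that gap before the real `--send-keys` is enabled. The batch parameters set no `Expire-Date`, so the generated server key never expires; either an explicit expiry or a comment stating that non-expiry is intended would document that lifecycle choice. As a point of style, `read -p` and `${OK/y/Y}` are bash features under a `#!/bin/sh` shebang, and `basename $0` and `${OK/y/Y}` are unquoted.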