diff options
Diffstat (limited to 'src/seckey2sshagent')
| -rwxr-xr-x | src/seckey2sshagent | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/src/seckey2sshagent b/src/seckey2sshagent new file mode 100755 index 0000000..d8e9b79 --- /dev/null +++ b/src/seckey2sshagent @@ -0,0 +1,40 @@ +#!/bin/sh + +# seckey2sshagent: this is a hack of a script to cope with the fact +# that openpgp2ssh currently cannot support encrypted secret keys. + +# the basic operating principal is: + +# export the secret key in encrypted format to a new keyring + +# remove the passphrase in that keyring + +# use that keyring with openpgp2ssh + +# Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, +# Jameson Rollins <jrollins@fifthhorseman.net> + + +cleanup() { + echo -n "removing temp gpg home... " + rm -rf $FOO + echo "done." +} + +trap cleanup EXIT + +GPGID="$1" + +idchars=$(echo $GPGID | wc -m) +if [ "$idchars" -ne 17 ] ; then + echo "GPGID is not 16 characters ($idchars)." + exit 1 +fi + +FOO=$(mktemp -d) + +gpg --export-secret-key --export-options export-reset-subkey-passwd $GPGID | GNUPGHOME=$FOO gpg --import + +GNUPGHOME=$FOO gpg --edit-key $GPGID + +GNUPGHOME=$FOO gpg --export-secret-key $GPGID | openpgp2ssh $GPGID | ssh-add -c /dev/stdin |