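#!/bin/sh

# seckey2sshagent: this is a hack of a script to cope with the fact
# that openpgp2ssh currently cannot support encrypted secret keys.

# the basic operating principle is:

# export the secret key in encrypted format to a new keyring
# remove the passphrase in that keyring
# use that keyring with openpgp2ssh

# Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
#  Jameson Rollins <jrollins@fifthhorseman.net>

# Security notes:
#  - The temporary GnuPG home holds the secret key WITHOUT a passphrase from
#    the --edit-key step until cleanup runs.  mktemp -d creates the directory
#    for the invoking user only, but rm does not overwrite the data; point
#    TMPDIR at a memory-backed filesystem if that matters in your setup.
#  - The script refuses to continue without a key ID or without a temporary
#    home, because gpg would otherwise act on every secret key or on the
#    user's real keyring.

# Path of the temporary GnuPG home; stays empty until mktemp succeeds.
FOO=""

# Remove the temporary GnuPG home (and the unprotected key inside it).
# Does nothing when the directory was never created.
cleanup() {
    if [ -n "$FOO" ] && [ -d "$FOO" ]; then
        printf 'removing temp gpg home... ' 1>&2
        rm -rf -- "$FOO"
        echo "done." 1>&2
    fi
}

trap cleanup EXIT
# Not every sh runs the EXIT trap when killed by a signal; turn the common
# signals into a normal exit so the unprotected keyring is always removed.
trap 'exit 1' HUP INT TERM

if [ -z "$1" ]; then
    echo "usage: ${0##*/} FINGERPRINT" 1>&2
    exit 1
fi

#GPGID="$1"
# Only characters 25 onward of the argument are used as the key ID.
GPGID=$(printf '%s\n' "$1" | cut -c 25-)

# An empty key ID would make "gpg --export-secret-key" export every secret
# key in the user's keyring.
if [ -z "$GPGID" ]; then
    echo "error: argument too short to derive a key ID (need more than 24 characters)" 1>&2
    exit 1
fi

# Without a temporary home the commands below would fall back to the user's
# real keyring, and the passphrase would be removed from the real key.
FOO=$(mktemp -d) || FOO=""
if [ -z "$FOO" ] || [ ! -d "$FOO" ]; then
    echo "error: could not create temporary gpg home" 1>&2
    FOO=""
    exit 1
fi

# Copy the (still encrypted) secret key into the temporary keyring.
gpg --export-secret-key "$GPGID" | GNUPGHOME="$FOO" gpg --import

# idea to script the password stuff.  not working.
# read -s -p "enter gpg password: " PASSWD; echo
# cmd=$(cat <<EOF
# passwd
# $PASSWD
# \n
# \n
# \n
# yes
# save
# EOF
# )
# echo -e "$cmd" | GNUPGHOME="$FOO" gpg --command-fd 0 --edit-key $GPGID

# Interactive step: the user removes the passphrase in the temporary keyring.
GNUPGHOME="$FOO" gpg --edit-key "$GPGID"

# ssh-add wants a file name; the symlink lets it read the converted key from
# the pipe, so the ssh-format private key is not written to disk.
ln -s /dev/stdin "$FOO"/openpgp

# -c makes the agent ask for confirmation each time the key is used.
GNUPGHOME="$FOO" gpg --export-secret-key "$GPGID" | \
    openpgp2ssh "$GPGID" | ssh-add -c "$FOO"/openpgp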