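#!/bin/sh
# howler: server gpg key generator/publisher
#
# Written by
# Jameson Rollins <jrollins@fifthhorseman.net>
#
# Copyright 2008, released under the GPL, version 3 or later
#
# Generates an OpenPGP key for a server identity (default user ID
# "ssh://<fqdn>") in the keyring selected by GNUPGHOME, then shows the
# command that would publish it to a keyserver.
#
# Settings (taken from the environment or from monkeysphere.conf, with
# the defaults assigned below): MS_HOME, KEY_TYPE, KEY_LENGTH, KEY_USAGE,
# SERVICE, HOSTNAME, USERID.  GNUPGHOME and KEYSERVER are used but never
# given a default here.

# Script name without its directory part (currently informational only).
CMD=${0##*/}

########################################################################
# FUNCTIONS
########################################################################

# Print a message on stderr and terminate the script.
# Arguments: $1 - message
#            $2 - exit status (optional, default 1)
failure() {
  printf '%s\n' "$1" >&2
  exit "${2:-1}"
}

# Ask a yes/no question; an empty reply counts as "yes".
# Arguments: $1 - prompt text (written to stderr)
# Returns:   0 for an empty reply, "Y" or "y"; 1 for anything else.
# The previous unquoted '[ ${OK/y/Y} != Y ]' test errored out on replies
# containing whitespace, and 'if' then treated the error as consent; the
# case statement below refuses every reply that is not exactly Y or y.
# It also avoids 'read -p' and '${var/pat/rep}', which plain /bin/sh
# implementations such as dash do not provide.
confirm() {
  printf '%s' "$1" >&2
  OK=
  read -r OK
  case "${OK:-Y}" in
    Y | y) return 0 ;;
    *) return 1 ;;
  esac
}

########################################################################
# MAIN
########################################################################

MS_HOME=${MS_HOME:-/etc/monkeysphere}

# The config file is sourced, i.e. executed as shell code with this
# script's privileges, so it must only be writable by the administrator.
[ -r "$MS_HOME"/monkeysphere.conf ] ||
  failure "cannot read config file '$MS_HOME/monkeysphere.conf'"
. "$MS_HOME"/monkeysphere.conf

# NOTE(review): GNUPGHOME is not assigned in this script; presumably
# monkeysphere.conf or the caller's environment sets it - confirm.  If it
# is empty, gpg falls back to the invoking user's default keyring.
export GNUPGHOME

KEY_TYPE=${KEY_TYPE:-RSA}
KEY_LENGTH=${KEY_LENGTH:-2048}
KEY_USAGE=${KEY_USAGE:-encrypt,auth}
SERVICE=${SERVICE:-ssh}
HOSTNAME=${HOSTNAME:-$(hostname -f)}
USERID=${USERID:-"$SERVICE"://"$HOSTNAME"}

echo "key parameters:"
cat <<EOF
Key-Type: $KEY_TYPE
Key-Length: $KEY_LENGTH
Key-Usage: $KEY_USAGE
Name-Real: $USERID
EOF

confirm "generate key? [Y|n]: " || failure "aborting."

# "=USERID" asks gpg for an exact user ID match, so an existing key for
# this identity stops the run instead of creating a second one.
if gpg --list-key ="$USERID" >/dev/null 2>&1; then
  failure "key for '$USERID' already exists"
fi

echo "generating server key..."
# No Passphrase parameter is supplied.  GnuPG 1.4 then creates the secret
# key without passphrase protection (GnuPG 2.1 and later ask through
# pinentry unless %no-protection is given), so the permissions on
# GNUPGHOME are what protects the private key at rest.
gpg --batch --gen-key <<EOF || failure "key generation failed"
Key-Type: $KEY_TYPE
Key-Length: $KEY_LENGTH
Key-Usage: $KEY_USAGE
Name-Real: $USERID
%commit
EOF

# The prompt previously expanded $KEY_SERVER while every other line uses
# $KEYSERVER, so the operator was shown an empty (or different) target.
# NOTE(review): KEYSERVER is assumed to be the name monkeysphere.conf
# defines - confirm against the config file.
confirm "publish key to $KEYSERVER? [Y|n]: " || failure "aborting."

echo "sending key to keyserver '$KEYSERVER'..."
# Field 5 of the "pub" record in --with-colons output is the key ID.
keyID=$(gpg --list-key --with-colons ="$USERID" 2>/dev/null |
  grep '^pub:' |
  cut -d: -f5)
# Never hand an empty key ID to the publish step.
[ -n "$keyID" ] || failure "could not determine key ID for '$USERID'"

# dummy command so as not to publish fake keys during testing
# eventually:
#gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
echo "done."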