summaryrefslogtreecommitdiff
path: root/src/seckey2sshagent
blob: d8e9b79ac2e86da91cf156de986a8434135e7b37 (plain) 
    

  1. #!/bin/sh
    2. 

  2. 

  3. # seckey2sshagent: this is a hack of a script to cope with the fact
    4. 

  4. # that openpgp2ssh currently cannot support encrypted secret keys.
    5. 

  5. 

  6. # the basic operating principal is: 
    7. 

  7. 

  8. # export the secret key in encrypted format to a new keyring
    9. 

  9. 

  10. # remove the passphrase in that keyring
    11. 

  11. 

  12. # use that keyring with openpgp2ssh
    13. 

  13. 

  14. # Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
    15. 

  15. #          Jameson Rollins <jrollins@fifthhorseman.net>
    16. 

  16. 

  17. 

  18. cleanup() {
    19. 

  19.     echo -n "removing temp gpg home... "
    20. 

  20.     rm -rf $FOO
    21. 

  21.     echo "done."
    22. 

  22. }
    23. 

  23. 

  24. trap cleanup EXIT
    25. 

  25. 

  26. GPGID="$1"
    27. 

  27. 

  28. idchars=$(echo $GPGID | wc -m)
    29. 

  29. if [ "$idchars" -ne 17 ] ; then
    30. 

  30.     echo "GPGID is not 16 characters ($idchars)."
    31. 

  31.     exit 1
    32. 

  32. fi
    33. 

  33. 

  34. FOO=$(mktemp -d)
    35. 

  35. 

  36. gpg --export-secret-key --export-options export-reset-subkey-passwd $GPGID | GNUPGHOME=$FOO gpg --import
    37. 

  37. 

  38. GNUPGHOME=$FOO gpg --edit-key $GPGID
    39. 

  39. 

  40. GNUPGHOME=$FOO gpg --export-secret-key $GPGID | openpgp2ssh $GPGID | ssh-add -c /dev/stdin
    41.
generated by cgit v1.2.3 (git 2.46.0) at 2025-01-13 08:59:32 +0000