summaryrefslogtreecommitdiff
path: root/src/share/mh/gen_key
blob: 1f8e97e4027513f0814a294eed5ad6807a842fe7 (plain)
  1. # -*-shell-script-*-
  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
  3. # Monkeysphere host gen-key subcommand
  4. #
  5. # The monkeysphere scripts are written by:
  6. # Jameson Rollins <jrollins@finestructure.net>
  7. # Jamie McClelland <jm@mayfirst.org>
  8. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  9. #
  10. # They are Copyright 2008-2009, and are all released under the GPL,
  11. # version 3 or later.
  12. gen_key() {
  13. local hostName=$(hostname -f)
  14. local keyType="RSA"
  15. local keyLength="2048"
  16. local keyUsage="auth"
  17. local keyExpire="0"
  18. local userID
  19. # check for presense of a key
  20. [ "$FINGERPRINT" ] && \
  21. failure "An OpenPGP host key already exists."
  22. # get options
  23. while true ; do
  24. case "$1" in
  25. -l|--length)
  26. keyLength="$2"
  27. shift 2
  28. ;;
  29. *)
  30. if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
  31. failure "Unknown option '$1'.
  32. Type '$PGRM help' for usage."
  33. fi
  34. break
  35. ;;
  36. esac
  37. done
  38. hostName="$1"
  39. userID="ssh://${hostName}"
  40. # create host home
  41. mkdir -p "$GNUPGHOME_HOST"
  42. chmod 700 "$GNUPGHOME_HOST"
  43. log debug "generating host key..."
  44. gpg_host --batch --gen-key <<EOF
  45. Key-Type: $keyType
  46. Key-Length: $keyLength
  47. Key-Usage: $keyUsage
  48. Name-Real: $userID
  49. Expire-Date: $keyExpire
  50. %commit
  51. %echo done
  52. EOF
  53. # find the key fingerprint of the newly converted key
  54. HOST_FINGERPRINT=$(fingerprint_host_key)
  55. export HOST_FINGERPRINT
  56. # translate the private key to ssh format, and export to a file
  57. # for sshs usage.
  58. # NOTE: assumes that the primary key is the proper key to use
  59. log debug "exporting ssh secret key..."
  60. (umask 077 && \
  61. gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
  62. openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
  63. log info "SSH host private key output to file: ${MHDATADIR}/ssh_host_rsa_key"
  64. log debug "creating ssh public key..."
  65. ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "${SYSDATADIR}/ssh_host_rsa_key.pub"
  66. log info "SSH host public key output to file: ${SYSDATADIR}/ssh_host_rsa_key.pub"
  67. # export public key to file
  68. gpg_host_export_to_ssh_file
  69. # show info about new key
  70. show_key
  71. }