summaryrefslogtreecommitdiff
path: root/src/share/mh/gen_key
blob: 96053bcd8677ff1802a98dea0628d2383509090c (plain) 
    

  1. # -*-shell-script-*-
    2. 

  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
    3. 

  3. 

  4. # Monkeysphere host gen-key subcommand
    5. 

  5. #
    6. 

  6. # The monkeysphere scripts are written by:
    7. 

  7. # Jameson Rollins <jrollins@finestructure.net>
    8. 

  8. # Jamie McClelland <jm@mayfirst.org>
    9. 

  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    10. 

  10. #
    11. 

  11. # They are Copyright 2008-2009, and are all released under the GPL,
    12. 

  12. # version 3 or later.
    13. 

  13. 

  14. gen_key() {
    15. 

  15. 

  16. local hostName
    17. 

  17. local keyType="RSA"
    18. 

  18. local keyLength="2048"
    19. 

  19. local keyUsage="auth"
    20. 

  20. local keyExpire="0"
    21. 

  21. local userID
    22. 

  22. 

  23. # get options
    24. 

  24. while true ; do
    25. 

  25.     case "$1" in
    26. 

  26.         -l|--length)
    27. 

  27.         keyLength="$2"
    28. 

  28.         shift 2
    29. 

  29.         ;;
    30. 

  30.         *)
    31. 

  31.         if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
    32. 

  32.             failure "Unknown option '$1'.
    33. 

  33. Type '$PGRM help' for usage."
    34. 

  34.         fi
    35. 

  35.         break
    36. 

  36.         ;;
    37. 

  37.     esac
    38. 

  38. done
    39. 

  39. 

  40. hostName=${1:-$(hostname -f)}
    41. 

  41. userID="ssh://${hostName}"
    42. 

  42. 

  43. # create host home
    44. 

  44. mkdir -p "${MHDATADIR}"
    45. 

  45. mkdir -p "${MHTMPDIR}"
    46. 

  46. mkdir -p "${GNUPGHOME_HOST}"
    47. 

  47. chmod 700 "${GNUPGHOME_HOST}"
    48. 

  48. 

  49. log debug "generating host key..."
    50. 

  50. gpg_host --batch --gen-key <<EOF
    51. 

  51. Key-Type: $keyType
    52. 

  52. Key-Length: $keyLength
    53. 

  53. Key-Usage: $keyUsage
    54. 

  54. Name-Real: $userID
    55. 

  55. Expire-Date: $keyExpire
    56. 

  56. 

  57. %commit
    58. 

  58. %echo done
    59. 

  59. 

  60. EOF
    61. 

  61. 

  62. # load the new host fpr into the fpr variable
    63. 

  63. load_fingerprint_secret
    64. 

  64. 

  65. # export the host secret key to the monkeysphere ssh sec key file
    66. 

  66. # NOTE: assumes that the primary key is the proper key to use
    67. 

  67. log debug "creating ssh secret key file..."
    68. 

  68. (umask 077 && \
    69. 

  69.     gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
    70. 

  70.     openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
    71. 

  71. log info "SSH host secret key file: ${MHDATADIR}/ssh_host_rsa_key"
    72. 

  72. 

  73. # export the host public key to the monkeysphere ssh pub key file
    74. 

  74. log debug "creating ssh public key file..."
    75. 

  75. ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB"
    76. 

  76. log info "SSH host public key file: $HOST_KEY_PUB"
    77. 

  77. 

  78. # export to gpg public key to file
    79. 

  79. create_gpg_pub_file
    80. 

  80. 

  81. # show info about new key
    82. 

  82. show_key
    83. 

  83. 

  84. }
    85.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 06:41:11 +0000