# -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
# Monkeysphere host gen-key subcommand
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2008-2009, and are all released under the GPL,
# version 3 or later.
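#######################################
# Generate the host's OpenPGP key and derive the SSH host key files from it.
#
# Usage:     gen_key [-l|--length BITS] [HOSTNAME]
# Globals:   MHDATADIR, MHTMPDIR, GNUPGHOME_HOST (created if missing),
#            HOST_FINGERPRINT (read after load_fingerprint_secret runs),
#            HOST_KEY_PUB (written), PGRM (named in usage errors)
# Arguments: -l/--length BITS  RSA key length in bits, decimal digits only
#                              (default 2048; gpg applies its own size limits)
#            HOSTNAME          used in the key's user ID "ssh://HOSTNAME";
#                              defaults to the output of `hostname -f`
# Outputs:   ${MHDATADIR}/ssh_host_rsa_key (created under umask 077),
#            ${HOST_KEY_PUB}, the gpg public key file (create_gpg_pub_file),
#            and log messages via log
# Returns:   does not return on a bad option or host name (failure exits);
#            otherwise the status of show_key
#######################################
gen_key() {
    local hostName
    local keyType="RSA"
    local keyLength="2048"
    local keyUsage="auth"
    local keyExpire="0"
    local userID

    # get options
    while true ; do
        case "${1:-}" in
            -l|--length)
                # -l needs a value: without it `shift 2` fails and the
                # loop would never advance.
                [ $# -ge 2 ] || failure "Option '$1' requires an argument.
Type '$PGRM help' for usage."
                # Accept a plain decimal number only.  The value is
                # interpolated into the gpg --gen-key batch input below,
                # so nothing else (in particular no embedded newline,
                # which would start a new batch parameter) may reach it.
                case "$2" in
                    ''|*[!0-9]*)
                        failure "Key length '$2' is not a positive integer.
Type '$PGRM help' for usage."
                        ;;
                esac
                keyLength="$2"
                shift 2
                ;;
            -*)
                # Pattern match instead of `echo "$1" | cut -c 1`: echo
                # swallows arguments such as -n or -e, which the old test
                # would then have accepted as a host name.
                failure "Unknown option '$1'.
Type '$PGRM help' for usage."
                ;;
            *)
                break
                ;;
        esac
    done

    hostName=${1:-$(hostname -f)}
    # The host name also lands in the batch input (Name-Real), so reject an
    # empty value (e.g. `hostname -f` failed) or one containing whitespace.
    case "$hostName" in
        ''|*[[:space:]]*)
            failure "Invalid host name '$hostName' for the key's user ID."
            ;;
    esac
    userID="ssh://${hostName}"

    # create host home
    mkdir -p "${MHDATADIR}"
    mkdir -p "${MHTMPDIR}"
    mkdir -p "${GNUPGHOME_HOST}"
    chmod 700 "${GNUPGHOME_HOST}"

    log debug "generating host key..."
    # Unquoted here-doc: the locals above are expanded into gpg's batch
    # parameter list.
    gpg_host --batch --gen-key <<EOF
Key-Type: $keyType
Key-Length: $keyLength
Key-Usage: $keyUsage
Name-Real: $userID
Expire-Date: $keyExpire
%commit
%echo done
EOF

    # load the new host fpr into the fpr variable
    # (presumably this sets HOST_FINGERPRINT, which is read below)
    load_fingerprint_secret

    # export the host secret key to the monkeysphere ssh sec key file
    # NOTE: assumes that the primary key is the proper key to use
    # The umask lives in a subshell so the secret key file is created
    # without group/other permissions and the caller's umask is untouched.
    log debug "creating ssh secret key file..."
    (umask 077 && \
        gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
        openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
    log info "SSH host secret key file: ${MHDATADIR}/ssh_host_rsa_key"

    # export the host public key to the monkeysphere ssh pub key file
    log debug "creating ssh public key file..."
    ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB"
    log info "SSH host public key file: $HOST_KEY_PUB"

    # export to gpg public key to file
    create_gpg_pub_file

    # show info about new key
    show_key
}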