blob: 93afb0a9274871fce0095c5fe905cd5b5d5e01ed (
plain)
- # -*-shell-script-*-
- # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
- # Monkeysphere host import-key subcommand
- #
- # The monkeysphere scripts are written by:
- # Jameson Rollins <jrollins@finestructure.net>
- # Jamie McClelland <jm@mayfirst.org>
- # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- #
- # They are Copyright 2008-2009 and are all released under the GPL,
- # version 3 or later.
- import_key() {
- local hostName
- local userID
- local fingerprint
- # check for presence of secret key
- # FIXME: is this the proper test to be doing here?
- fingerprint_host_key >/dev/null \
- && failure "An OpenPGP host key already exists."
- hostName=${1:-$(hostname -f)}
- userID="ssh://${hostName}"
- # create host home
- mkdir -p "$GNUPGHOME_HOST"
- chmod 700 "$GNUPGHOME_HOST"
- log verbose "importing ssh key..."
- # translate ssh key to a private key
- PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | gpg_host --import
- # find the key fingerprint of the newly converted key
- fingerprint=$(fingerprint_host_key)
- # export public key to file
- log debug "exporting openpgp public key..."
- gpg_host --export-options export-minimal --armor --export "0x${fingerprint}!" > "${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
- log info "SSH host public key in OpenPGP form: ${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
- # show info about new key
- show_key
- }
|