3 # howler: monkeysphere server gpg generator/publisher/maintainer
6 # Jameson Rollins <jrollins@fifthhorseman.net>
8 # Copyright 2008, released under the GPL, version 3 or later
12 ########################################################################
14 ########################################################################
20 $PGRM trust-key KEYID [KEYID...]
30 # generate server gpg key
# Key parameters: each one keeps the value from the environment when it is set
# and non-empty, otherwise it takes the default to the right of ':-'.
32 KEY_TYPE=${KEY_TYPE:-RSA}
# NOTE(review): 2048 bits is only the fallback length; confirm it still meets
# current key-strength policy, or set KEY_LENGTH explicitly.
33 KEY_LENGTH=${KEY_LENGTH:-2048}
34 KEY_USAGE=${KEY_USAGE:-encrypt,auth}
35 SERVICE=${SERVICE:-ssh}
# Host name as reported by `hostname -f`. It becomes part of the user ID
# below, so check it before confirming key generation.
36 HOSTNAME_FQDN=${HOSTNAME_FQDN:-$(hostname -f)}
# Default user ID has the form SERVICE://HOSTNAME_FQDN.
38 USERID=${USERID:-"$SERVICE"://"$HOSTNAME_FQDN"}
40 echo "key parameters:"
43 Key-Length: $KEY_LENGTH
# Confirmation prompt: an empty answer defaults to Y, and the first 'y' in the
# answer is replaced by 'Y' before the comparison.
# NOTE(review): `read` runs without -r and ${OK/y/Y} is unquoted, so an answer
# containing whitespace or glob characters is word-split/expanded. That can
# make `[` fail with an error, and `if` treats an errored test as false, so the
# branch guarded by "!= 'Y'" is then not taken. Quoting the expansion
# ("${OK/y/Y}") would make such answers compare as plain strings.
48 read -p "generate key? [Y|n]: " OK; OK=${OK:=Y}
49 if [ ${OK/y/Y} != 'Y' ] ; then
# Refuse to create a second key for the same user ID. The leading '=' asks gpg
# for an exact match on the whole user ID string.
# NOTE(review): stdout and stderr are both discarded, so any gpg failure (not
# only "no such key") looks like "key does not exist" and lets generation go on.
53 if gpg --list-key ="$USERID" > /dev/null 2>&1 ; then
54 failure "key for '$USERID' already exists"
57 echo "generating server key..."
# Unattended generation: the key parameters are fed to gpg on stdin.
# NOTE(review): only Key-Length is visible in this listing. Confirm from the
# full parameter block how the secret key is protected, and that GNUPGHOME is
# readable only by the account that owns the key.
58 gpg --batch --gen-key <<EOF
60 Key-Length: $KEY_LENGTH
# Ask before publishing to $KEYSERVER; an empty answer defaults to Y.
# NOTE(review): ${OK/y/Y} is unquoted and `read` lacks -r. An answer containing
# whitespace or glob characters can make `[` error out, which `if` treats as
# false, so the "!= 'Y'" branch is skipped. Use "${OK/y/Y}" to compare the
# answer as a single string.
68 read -p "publish key to $KEYSERVER? [Y|n]: " OK; OK=${OK:=Y}
69 if [ ${OK/y/Y} != 'Y' ] ; then
# Look up the key for this exact user ID. In --with-colons output, field 5 of
# the 'pub' record is the key ID.
# NOTE(review): if more than one public key carries this user ID, keyID would
# hold several lines -- confirm a single match is guaranteed.
73 keyID=$(gpg --list-key --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5)
75 # dummy command so as not to publish fake keys during testing
# The real upload is commented out. The echo below only prints the command
# that would run, so nothing is sent to the keyserver in this state.
77 #gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
78 echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
83 # get the key from the key server
# NOTE(review): a keyserver does not vouch for what it returns, and a key ID is
# only an abbreviation of the fingerprint. Compare the full fingerprint of the
# imported key with one obtained out of band before assigning trust below.
84 gpg --keyserver "$KEYSERVER" --recv-key "$keyID" || failure "could not retrieve key '$keyID'"
86 # edit the key to change trust
87 # FIXME: need to figure out how to automate this,
88 # in a batch mode or something.
# Opens gpg's interactive key editor; the trust level is set by hand there.
89 gpg --edit-key "$keyID"
93 ########################################################################
95 ########################################################################
97 # set ms home directory
98 MS_HOME=${MS_HOME:-/etc/monkeysphere}
100 # load configuration file
# The file is sourced, i.e. executed as shell code in this process, and both
# MS_HOME and MS_CONF can be redirected through the environment. Keep the file
# and its directory writable only by the account that runs this script, and do
# not let less-trusted callers pass these variables through.
101 MS_CONF=${MS_CONF:-"$MS_HOME"/monkeysphere.conf}
102 [ -e "$MS_CONF" ] && . "$MS_CONF"
# The defaults below are applied after the config is read, so values set there
# (or in the environment) take precedence.
# NOTE(review): an `export GNUPGHOME` is not visible in this listing; gpg only
# sees the value if it is exported -- confirm.
104 GNUPGHOME=${GNUPGHOME:-"$MS_HOME"/gnupg}
106 KEYSERVER=${KEYSERVER:-subkeys.pgp.net}
# No command given: stop and point at the help text.
110 [ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
# At least one key ID argument is required before any key is trusted.
121 if [ -z "$1" ] ; then
122 failure "you must specify at least one key to trust."
# Reported when COMMAND is not recognized (the dispatch itself is not shown in
# this listing).
131 failure "Unknown command: '$COMMAND'
132 Type '$PGRM help' for usage."