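#!/bin/sh

# howler: monkeysphere server gpg generator/publisher/maintainer
#
# Written by
# Jameson Rollins
#
# Copyright 2008, released under the GPL, version 3 or later
#
# Commands (dispatched at the bottom of this file):
#   gen-key               generate an OpenPGP key for this server
#   publish-key           print the command that would publish that key
#   trust-uids USERID...  look each user ID up on the keyserver, then open
#                         it in 'gpg --edit-key'
#   help                  print usage
#
# Settings read from the environment or from $MS_CONF:
#   MS_HOME, MS_CONF, GNUPGHOME, KEYSERVER,
#   KEY_TYPE, KEY_LENGTH, KEY_USAGE, SERVICE, HOSTNAME_FQDN, USERID
#
# NOTE(review): this listing reached review collapsed onto a single line,
# with every here-document body and a few function headers missing.  The
# spans marked "reconstructed" below were rebuilt from the surviving code
# and must be confirmed against the upstream file before use.

# Parameter expansion instead of an unquoted $(basename $0): no word
# splitting when the script path contains whitespace.
PGRM=${0##*/}

# A literal newline, used to validate values that are written into the gpg
# batch parameter block.
NL='
'

########################################################################
# FUNCTIONS
########################################################################

# Print the command summary to stdout.
# reconstructed: the original usage text was lost; the command names are
# taken from the 'case' dispatch in MAIN.
usage() {
    cat <<EOF
usage: $PGRM gen-key
       $PGRM publish-key
       $PGRM trust-uids USERID...
       $PGRM help
EOF
}

# Print a message to stderr and exit.
#   $1 - message
#   $2 - exit status (default 1)
# reconstructed: only the tail of this function survived; the name is
# taken from its call sites.
failure() {
    printf '%s\n' "$1" >&2
    exit "${2:-1}"
}

# Fill in the key parameters that were not supplied by the environment or
# the configuration file.  Shared by gen_key and publish_key so that both
# agree on USERID; previously the defaults were applied in gen_key only,
# leaving USERID possibly empty when 'publish-key' ran on its own.
set_key_defaults() {
    KEY_TYPE=${KEY_TYPE:-RSA}
    # NOTE(review): 2048-bit RSA is the 2008-era default; set KEY_LENGTH
    # to match current key-size policy.
    KEY_LENGTH=${KEY_LENGTH:-2048}
    KEY_USAGE=${KEY_USAGE:-encrypt,auth}
    SERVICE=${SERVICE:-ssh}
    HOSTNAME_FQDN=${HOSTNAME_FQDN:-$(hostname -f)}

    # Without a host name the default user ID would be just "ssh://".
    if [ -z "${USERID:-}" ] && [ -z "$HOSTNAME_FQDN" ]; then
        failure "could not determine the host name; set HOSTNAME_FQDN or USERID"
    fi
    USERID=${USERID:-"$SERVICE://$HOSTNAME_FQDN"}

    # These values are written line by line into the gpg parameter block;
    # an embedded newline would add parameters the operator never saw in
    # the "key parameters:" listing.
    for value in "$KEY_TYPE" "$KEY_LENGTH" "$KEY_USAGE" "$USERID"; do
        case $value in
            *"$NL"*) failure "key parameters must not contain newlines" ;;
        esac
    done
}

# Print the gpg unattended key-generation parameters for the current
# settings.
# reconstructed: the here-document bodies were lost; the fields follow the
# variables set in set_key_defaults.
key_params() {
    cat <<EOF
Key-Type: $KEY_TYPE
Key-Length: $KEY_LENGTH
Key-Usage: $KEY_USAGE
Name-Real: $USERID
EOF
}

# generate server gpg key
# Fails if a key for USERID is already in the keyring under $GNUPGHOME.
gen_key() {
    set_key_defaults

    echo "key parameters:"
    key_params

    # reconstructed: only the redirection and the 'then' branch of this
    # test survived.  The leading '=' asks gpg for an exact user ID match,
    # as in trust_uids below.
    if gpg --list-keys ="$USERID" > /dev/null 2>&1 ; then
        failure "key for '$USERID' already exists"
    fi

    echo "generating server key..."
    # NOTE(review): no Passphrase parameter is supplied, so the secret key
    # is presumably meant to be stored unprotected for unattended use.
    # Confirm that $GNUPGHOME is owned by the service account and is not
    # group- or world-accessible.
    { key_params; echo "%commit"; } | gpg --batch --gen-key
}

# Look up the server key and print the command that would publish it.
# reconstructed: the function header and the gpg arguments of the lookup
# were lost; only "| grep '^pub:' | cut -d: -f5)" survived.
publish_key() {
    set_key_defaults

    # Field 5 of a 'pub' record in --with-colons output is the key ID.
    keyID=$(gpg --list-keys --with-colons ="$USERID" 2> /dev/null | grep '^pub:' | cut -d: -f5)

    # An empty result would otherwise produce a send-keys command with no
    # key argument.
    [ -n "$keyID" ] || failure "no key found for '$USERID'"

    # dummy command so as not to publish fakes keys during testing
    # eventually:
    #gpg --send-keys --keyserver "$KEYSERVER" "$keyID"
    echo "gpg --send-keys --keyserver $KEYSERVER $keyID"
}

# FIXME: need to figure out how to automate this, in a batch mode
# or something.
# For each user ID given as an argument, search the keyserver and then open
# the key in gpg's interactive editor.
# NOTE(review): keyserver search results are not authenticated.  Verify the
# key's fingerprint through an independent channel before signing it or
# assigning trust in the editor.
trust_uids() {
    for userID ; do
        # Full option name: gpg accepts unambiguous abbreviations such as
        # the original '--search', but scripts should not depend on that.
        gpg --keyserver "$KEYSERVER" --search-keys ="$userID"
        gpg --edit-key "$userID"
    done
}

########################################################################
# MAIN
########################################################################

# set ms home directory
MS_HOME=${MS_HOME:-/etc/monkeysphere}

# load configuration file
# The file is sourced, i.e. executed as shell code with the privileges of
# whoever runs this script, and its path can be redirected through MS_HOME
# or MS_CONF in the environment.
# NOTE(review): confirm the file and its directory are writable only by
# the owning administrator.
MS_CONF=${MS_CONF:-"$MS_HOME"/monkeysphere.conf}
[ -e "$MS_CONF" ] && . "$MS_CONF"

GNUPGHOME=${GNUPGHOME:-"$MS_HOME"/gnupg}
export GNUPGHOME
# NOTE(review): confirm this default keyserver is still operated, and
# consider an hkps:// endpoint so lookups are not sent in clear text.
KEYSERVER=${KEYSERVER:-subkeys.pgp.net}
export KEYSERVER

COMMAND="$1"
[ "$COMMAND" ] || failure "Type '$PGRM help' for usage."
shift

case "$COMMAND" in
    'gen-key')
        gen_key
        ;;
    'publish-key')
        publish_key
        ;;
    'trust-uids')
        trust_uids "$@"
        ;;
    'help')
        usage
        exit
        ;;
    *)
        failure "Unknown command: '$COMMAND' Type '$PGRM help' for usage."
        ;;
esac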