#!/bin/sh # seckey2sshagent: this is a hack of a script to cope with the fact # that openpgp2ssh currently cannot support encrypted secret keys. # the basic operating principal is: # export the secret key in encrypted format to a new keyring # remove the passphrase in that keyring # use that keyring with openpgp2ssh # Authors: Daniel Kahn Gillmor , # Jameson Rollins cleanup() { echo -n "removing temp gpg home... " rm -rf $FOO echo "done." } trap cleanup EXIT GPGID="$1" idchars=$(echo $GPGID | wc -m) if [ "$idchars" -ne 17 ] ; then echo "GPGID is not 16 characters ($idchars)." exit 1 fi FOO=$(mktemp -d) gpg --export-secret-key --export-options export-reset-subkey-passwd $GPGID | GNUPGHOME=$FOO gpg --import GNUPGHOME=$FOO gpg --edit-key $GPGID GNUPGHOME=$FOO gpg --export-secret-key $GPGID | openpgp2ssh $GPGID | ssh-add -c /dev/stdin