- gpg --export-secret-key "$GPGID" | GNUPGHOME="$TMPPRIVATE" gpg --import
-
-# idea to script the password stuff. not working.
-# read -s -p "enter gpg password: " PASSWD; echo
-# cmd=$(cat <<EOF
-# passwd
-# $PASSWD
-# \n
-# \n
-# \n
-# yes
-# save
-# EOF
-# )
-# echo -e "$cmd" | GNUPGHOME="$TMPPRIVATE" gpg --command-fd 0 --edit-key $GPGID
-
- GNUPGHOME="$TMPPRIVATE" gpg --edit-key "$GPGID"
-
- KEYNAME='MonkeySphere Key '$(echo "$GPGID" | tr -c -d '0-9a-fA-F')''
-# creating this alias so the key is named "monkeysphere-key" in the
-# comment stored by the agent, while never being written to disk in
-# SSH form:
- ln -s /dev/stdin "$TMPPRIVATE/$KEYNAME"
-
- GNUPGHOME="$TMPPRIVATE" gpg --export-secret-keys "$GPGID" | \
- openpgp2ssh $GPGID | (cd "$TMPPRIVATE" && ssh-add -c "$KEYNAME")
+ # if specified, write key to fail and passprotect
+ if [ "$FILE" ] ; then
+ # export secret key to file
+ export_sec_key > "$TMPPRIVATE/key"
+ # passprotect file
+ ssh-keygen -f "${TMPPRIVATE}/key" -p
+ # move into place
+ mv "${TMPPRIVATE}/key" "$FILE"
+
+ # export public key
+ gpg --export "$GPGID" | openpgp2ssh "$GPGID" > "${FILE}.pub"
+
+ # otherwise add to agent
+ else
+ KEYNAME='MonkeySphere Key '$(echo "$GPGID" | tr -c -d '0-9a-fA-F')''
+
+ # creating this alias so the key is named "monkeysphere-key" in the
+ # comment stored by the agent, while never being written to disk in
+ # SSH form:
+ ln -s /dev/stdin "${TMPPRIVATE}/${KEYNAME}"
+
+ # export secret key to agent
+ export_sec_key | (cd "$TMPPRIVATE" && ssh-add -c "$KEYNAME")
+ fi