failure "You must specify the key ID of your primary key."
fi
- gpgOut=$(gpg --quiet --fixed-list-mode --list-keys --with-colons \
- "$keyID" 2> /dev/null)
+ # get key output, and fail if not found
+ gpgOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons \
+ "$keyID") || failure
- # fail if there only "tru" lines are output from gpg, which
- # indicates the key was not found.
- if [ -z "$(echo "$gpgOut" | grep -v '^tru:')" ] ; then
- failure "Key ID '$keyID' not found."
- fi
-
- # fail if multiple pub lines are returned, which means the id given
- # is not unique
- if [ $(echo "$gpgOut" | grep '^pub:' | wc -l) -gt '1' ] ; then
+ # fail if multiple sec lines are returned, which means the id
+ # given is not unique
+ if [ $(echo "$gpgOut" | grep '^sec:' | wc -l) -gt '1' ] ; then
failure "Key ID '$keyID' is not unique."
fi
# prompt if an authentication subkey already exists
- if echo "$gpgOut" | egrep "^(pub|sub):" | cut -d: -f 12 | grep -q a ; then
+ if echo "$gpgOut" | egrep "^(sec|ssb):" | cut -d: -f 12 | grep -q a ; then
echo "An authentication subkey already exists for key '$keyID'."
read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N}
if [ "${OK/y/Y}" != 'Y' ] ; then
'update-known_hosts'|'update-known-hosts'|'k')
MODE='known_hosts'
+ # check permissions on the known_hosts file path
if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then
- failure "Improper permissions on known_hosts file."
+ failure "Improper permissions on known_hosts file path."
fi
# if hosts are specified on the command line, process just
# otherwise, if no hosts are specified, process every host
# in the user's known_hosts file
else
- if [ ! -s "$KNOWN_HOSTS" ] ; then
- failure "known_hosts file '$KNOWN_HOSTS' is empty or does not exist."
+ # exit if the known_hosts file does not exist
+ if [ ! -e "$KNOWN_HOSTS" ] ; then
+ log "known_hosts file '$KNOWN_HOSTS' does not exist."
+ exit
fi
process_known_hosts
'update-authorized_keys'|'update-authorized-keys'|'a')
MODE='authorized_keys'
- # fail if the authorized_user_ids file is empty
- if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
- failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' is empty or does not exist."
+ # check permissions on the authorized_user_ids file path
+ if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then
+ failure "Improper permissions on authorized_user_ids file path."
+ fi
+
+ # check permissions on the authorized_keys file path
+ if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then
+ failure "Improper permissions on authorized_keys file path."
fi
- if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then
- failure "Improper permissions on authorized_user_ids file."
+ # exit if the authorized_user_ids file is empty
+ if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then
+ log "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist."
+ exit
fi
# process authorized_user_ids file
projects / monkeysphere.git / blobdiff