Add trap to remove lockfiles on exit.

[monkeysphere.git] / src / seckey2sshagent

diff --git a/src/seckey2sshagent b/src/seckey2sshagent
index 0e8d69526a360fa7710d753d3d93d8928e7b1175..1266db5b329987af795f1b6ea286a33f27eb5691 100755 (executable)
--- a/src/seckey2sshagent
+++ b/src/seckey2sshagent
@@ -1,25 +1,52 @@
 #!/bin/sh
 
+# seckey2sshagent: this is a hack of a script to cope with the fact
+# that openpgp2ssh currently cannot support encrypted secret keys.
+
+# the basic operating principal is: 
+
+# export the secret key in encrypted format to a new keyring
+
+# remove the passphrase in that keyring
+
+# use that keyring with openpgp2ssh
+
+# Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
+#          Jameson Rollins <jrollins@fifthhorseman.net>
+
+
 cleanup() {
-    echo -n "removing temp gpg home... "
+    echo -n "removing temp gpg home... " 1>&2
     rm -rf $FOO
-    echo "done."
+    echo "done." 1>&2
 }
 
 trap cleanup EXIT
 
-GPGID="$1"
-
-idchars=$(echo $GPGID | wc -m)
-if [ "$idchars" -ne 17 ] ; then
-    echo "GPGID is not 16 characters ($idchars)."
-    exit 1
-fi
+#GPGID="$1"
+GPGID=$(echo "$1" | cut -c 25-)
 
 FOO=$(mktemp -d)
 
-gpg --export-secret-key --export-options export-reset-subkey-passwd $GPGID | GNUPGHOME=$FOO gpg --import
+gpg --export-secret-key $GPGID | GNUPGHOME="$FOO" gpg --import
+
+# idea to script the password stuff.  not working.
+# read -s -p "enter gpg password: " PASSWD; echo
+# cmd=$(cat <<EOF
+# passwd
+# $PASSWD
+# \n
+# \n
+# \n
+# yes
+# save
+# EOF
+# )
+# echo -e "$cmd" | GNUPGHOME="$FOO" gpg --command-fd 0 --edit-key $GPGID
+
+GNUPGHOME="$FOO" gpg --edit-key $GPGID
 
-GNUPGHOME=$FOO gpg --edit-key $GPGID
+ln -s /dev/stdin "$FOO"/openpgp
 
-GNUPGHOME=$FOO gpg --export-secret-key $GPGID | openpgp2ssh $GPGID | ssh-add -c /dev/stdin
+GNUPGHOME="$FOO" gpg --export-secret-key $GPGID | \
+    openpgp2ssh $GPGID | ssh-add -c "$FOO"/openpgp