<n>y = key expires in n years
EOF
while [ -z "$keyExpire" ] ; do
- read -p "Key is valid for? (0) " keyExpire
+ printf "Key is valid for? (0) " >&2
+ read keyExpire
if ! test_gpg_expire ${keyExpire:=0} ; then
echo "invalid value" >&2
unset keyExpire
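Review bot: The added `read keyExpire` has no `-r`, so a backslash typed at the prompt is treated as an escape and removed before the value is validated; `read -r keyExpire` keeps the input literal and is still POSIX. On the context line that follows, the value reaches `test_gpg_expire ${keyExpire:=0}` unquoted, so input containing spaces or glob characters is split or expanded before the validator sees it. Quoting it as `test_gpg_expire "${keyExpire:=0}"` keeps the default assignment and passes exactly what was typed. The enclosing `while` loop closes outside this hunk.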
eval "echo ~${uname}"
}
+# return the primary group of a user
+get_primary_group() {
+ local uname=${1:-`whoami`}
+ groups "$uname" | sed 's/^..* : //' | awk '{ print $1 }'
+}
+
### CONVERSION UTILITIES
# output the ssh key for a given key ID
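Review bot: `get_primary_group` derives the primary group by parsing `groups` output, whose format and ordering are not uniform across implementations. The pipeline's exit status is awk's, so an unknown user yields empty output with a zero status. `id -gn "$uname"` in place of the `groups | sed | awk` line returns the primary group name directly and exits non-zero when the user does not exist. The callers are not visible here, but if the result feeds ownership or permission checks, an empty group that looks like success is worth ruling out. It would also help to extend the header comment to `# return the primary group of a user (defaults to the current user); non-zero status if the user is unknown`.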
# touch the known_hosts file so that the file permission check
# below won't fail upon not finding the file
- (umask 0022 && touch "$KNOWN_HOSTS")
+ if [ ! -f "$KNOWN_HOSTS" ]; then
+ [ -d $(dirname "$KNOWN_HOSTS") ] || mkdir -m 0700 $(dirname "$KNOWN_HOSTS") || failure "Could not create path to known_hosts file '$KNOWN_HOSTS'"
+ touch "$KNOWN_HOSTS" || failure "Unable to create known_hosts file '$KNOWN_HOSTS'"
+ fi
# check permissions on the known_hosts file path
- check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure
+ check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure "Bad permissions governing known_hosts file '$KNOWN_HOSTS'"
# create a lockfile on known_hosts:
lock create "$KNOWN_HOSTS"
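Review bot: The new creation path drops the `umask 0022` subshell used by the removed line, so `touch "$KNOWN_HOSTS"` now creates the file under whatever umask the caller has. Under a permissive umask such as 0002 the file comes out group-writable, and the permission check right after presumably rejects it. Keeping the subshell, `(umask 0022 && touch "$KNOWN_HOSTS") || failure "Unable to create known_hosts file '$KNOWN_HOSTS'"`, preserves the earlier guarantee together with the new error message. Both `$(dirname "$KNOWN_HOSTS")` substitutions are also unquoted, so a path containing whitespace is split before `[ -d ]` and `mkdir` see it; `"$(dirname "$KNOWN_HOSTS")"` avoids that. The enclosing function begins and ends outside this hunk.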