# import an existing ssh key as a gpg subkey
+## 2009-02-20 00:49:11-0500: This is not implemented yet, because we
+## don't currently have a good way to manipulate the user's OpenPGP
+## secret key such that we could make a proper subkey binding
+## signature.
+
import_subkey() {
local sshKeyFile
local keyID
local gpgSecOut
local fifoDir
+ # FIXME: implement!
+ failure "import-subkey is not implemented yet. We welcome patches. Sorry!"
+
sshKeyFile="$1"
shift
# import ssh key to as authentication subkey
if [ "$sshKeyFile" = '-' ] ; then
log verbose "importing ssh key from stdin..."
- ssh2openpgp \
- | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
else
log verbose "importing ssh key from file '$sshKeyFile'..."
- ssh2openpgp <"$sshKeyFile" \
- | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$sshKeyFile" \
+ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
fi
# get the password if needed