trying to improve m-a setup; still not successfully tested.

[monkeysphere.git] / src / share / ma / setup

diff --git a/src/share/ma/setup b/src/share/ma/setup
index a829a9845294dce1a614cc1707486f4ec3a0fad9..764fdb8080ddc13d8b7b3a885386495302bed174 100644 (file)
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -43,17 +43,16 @@ EOF
     if [ -z "$CORE_FPR" ] ; then
        log info "Setting up Monkeysphere authentication trust core"
 
-       local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 | base64))
+       local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
     
-       if gpg_core --gen-key --batch <<EOF
-Key-Type: RSA
-Key-Length: 4096
-Key-Usage: certify
-Name-Real: $CORE_UID
+       local TMPLOC=$(mktemp -d ${MATMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
+       ssh-keygen -q -b 2048 -t rsa -N'' "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
+
+       # FIXME: pem2openpgp currently sets the A flag and a short
+       # expiration date.  We should set the C flag and no expiration
+       # date.
+       < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg --import || failure "Could not import new key for Monkeysphere authentication trust core"
 
-%commit
-%echo done
-EOF
        then
            CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
            if [ -z "$CORE_FPR" ] ; then