--- /dev/null
+#!/bin/sh
+
+# rhesus: monkeysphere authorized_keys update script
+#
+# Written by
+# Jameson Rollins <jrollins@fifthhorseman.net>
+#
+# Copyright 2008, released under the GPL, version 3 or later
+
+##################################################
+# load conf file
+#. /etc/monkeysphere/monkeysphere.conf
+. ~/ms/monkeysphere.conf
+
+# user name of user to update
+USERNAME="$1"
+
+#AUTH_KEYS_DIR_BASE=/var/lib/monkeysphere/authorized_keys/
+AUTH_KEYS_DIR_BASE=~/ms/authorized_keys
+
+AUTH_KEYS_DIR="$AUTH_KEYS_DIR_BASE"/"$USERNAME"
+AUTH_KEYS_FILE="$AUTH_KEYS_DIR"/authorized_keys
+
+AUTH_USER_IDS="$AUTH_USER_IDS_DIR"/"$USERNAME"
+
+export GNUPGHOME
+##################################################
+
+### FUNCTIONS
+
+failure() {
+ echo "$1" >&2
+ exit ${2:-'1'}
+}
+
+meat() {
+ grep -v -e "^[[:space:]]*#" -e '^$' "$1"
+}
+
+cutline() {
+ head --line="$1" | tail -1
+}
+
+### MAIN
+
+# make sure the gnupg home exists with proper permissions
+mkdir -p "$GNUPGHOME"
+chmod 0700 "$GNUPGHOME"
+
+# find number of user ids in auth_user_ids file
+NLINES=$(meat "$AUTH_USER_IDS" | wc -l)
+
+# clean out keys file and remake keys directory
+rm -rf "$AUTH_KEYS_DIR"/keys
+mkdir -p "$AUTH_KEYS_DIR"/keys
+
+# loop through all user ids, and generate ssh keys
+for (( N=1; N<=$NLINES; N=N+1 )) ; do
+ # get user id
+ USERID=$(meat "$AUTH_USER_IDS" | head --line="$N" | tail -1)
+ USERID_HASH=$(echo "$USERID" | sha1sum | awk '{ print $1 }')
+
+ # get key id from user id
+ #KEYID=$(gpguser2key "$USERID")
+ KEYID="$USERID"
+
+ echo "Receiving keys for: $USERID ($KEYID)..."
+
+ # is primary key revoked && kill
+ # for all associated keys (primary and sub)
+ # - type "A"
+ # - not revoked
+ # - signed by trusted user
+ # output ssh key
+
+ # Receive keys into key ring
+ if gpg --recv-keys --keyserver "$KEYSERVER" "$KEYID" ; then
+ # convert pgp key to ssh key, and write to cache file
+ KEYFILE="$AUTH_KEYS_DIR"/keys/"$USERID_HASH"
+ gpgkey2ssh "$KEYID" | sed -e "s/COMMENT/$USERID/" > "$KEYFILE"
+ fi
+done
+
+echo "Writing authorized_keys file '$AUTH_KEYS_FILE'..."
+cat "$AUTH_KEYS_DIR"/keys/* > "$AUTH_KEYS_FILE" || > "$AUTH_KEYS_FILE"
+if [ -s ~"$USERNAME"/.ssh/authorized_keys ] ; then
+ cat ~"$USERNAME"/.ssh/authorized_keys >> "$AUTH_KEYS_FILE"
+fi