# Point gpg at the current terminal; gpg and its agent read GPG_TTY to find
# the tty they should prompt on.
GPG_TTY=$(tty)
export GPG_TTY

# Tell the user why they are about to be asked for personal details.
printf '%s\n' \
  "You have not selected a key to use. We will now make a new one." \
  "The personal details you provide below will not be shared anywhere without getting your permission first."
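# Collect the name and email that go into the key's user ID, and repeat until
# the user confirms them with an answer starting with "y" or "Y".
#
# Sets:    pgp_name, pgp_email (used later to build the user ID), pgp_ok
# Aborts:  if standard input ends before the details are confirmed; without
#          that check the loop would spin forever on EOF.
pgp_ok=
while [ -z "$pgp_ok" ]; do
  echo
  printf '%s' "Your name: "
  # -r keeps backslashes literal, so the user ID is exactly what was typed.
  read -r pgp_name || {
    echo
    echo "input ended before the key details were confirmed" >&2
    # 'return' covers the sourced case, 'exit' the executed one.
    return 1 2>/dev/null || exit 1
  }
  printf '%s' "Your email: "
  read -r pgp_email || {
    echo
    echo "input ended before the key details were confirmed" >&2
    return 1 2>/dev/null || exit 1
  }
  echo
  echo "You have entered: "
  echo "Name: $pgp_name"
  echo "Email: $pgp_email"
  echo
  printf '%s' "(Yes/No): "
  read -r pgp_r || {
    echo
    echo "input ended before the key details were confirmed" >&2
    return 1 2>/dev/null || exit 1
  }
  # Only the first character of the answer decides.
  r=${pgp_r:0:1}
  echo
  case "$r" in
    y | Y)
      pgp_ok=1
      ;;
    *)
      # Shown only when the details were rejected; it used to be printed
      # after a confirmation as well.
      echo "Ok, let's try again..."
      ;;
  esac
done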
# Passphrase warning. The first line switches the terminal colour with the
# SGR sequence ESC[0;93m and the last line resets it with ESC[0m, so the
# whole notice is highlighted.
printf '\e[0;93m%s\n' "You will now be asked for a passphrase to protect your new key."
printf '%s\n' \
  "It will not be shown back to you as you type, nor after you have typed it in." \
  "If you lose this passphrase you WILL lose access to your key PERMANENTLY." \
  "Keep it secret."
printf '%s\e[0m\n' "Keep it safe."
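# Read the new key's passphrase twice, without echo, until both entries match.
#
# Sets:    password (consumed by the step that writes the passphrase file),
#          password_match
# Aborts:  if standard input ends before a passphrase was entered.
#
# 'read -s' disables echo only for the duration of each read, so an interrupt
# cannot leave the terminal stuck without echo the way a bare 'stty -echo'
# can. 'IFS=' and '-r' keep leading/trailing whitespace and backslashes, so
# the stored passphrase is byte-for-byte what the user typed.
password_match=
while [ -z "$password_match" ]; do
  echo
  printf '%s' "password: "
  IFS= read -rs password || {
    echo
    echo "input ended before a passphrase was entered" >&2
    # 'return' covers the sourced case, 'exit' the executed one.
    return 1 2>/dev/null || exit 1
  }
  echo
  printf '%s' "password again: "
  IFS= read -rs password_again || {
    echo
    echo "input ended before a passphrase was entered" >&2
    return 1 2>/dev/null || exit 1
  }
  echo

  if [ -z "$password" ]; then
    # An empty passphrase would leave the new secret key unprotected.
    echo "passphrase must not be empty, try again"
  elif [ "$password" = "$password_again" ]; then
    password_match=1
  else
    echo "passwords do not match, try again"
  fi
done
# The confirmation copy has served its purpose; do not keep it around.
unset password_again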
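# Hand the passphrase to gpg through a private temporary file rather than on a
# command line, where it would be visible in the process list.
#
# Reads:   password
# Sets:    password_file (path of the passphrase file)
# Aborts:  if the temporary file cannot be created; nothing has been written
#          to disk at that point.
password_file=$(mktemp) || {
  echo "could not create a temporary file for the passphrase" >&2
  # 'return' covers the sourced case, 'exit' the executed one.
  return 1 2>/dev/null || exit 1
}
# mktemp already creates the file; the chmod makes the owner-only mode explicit.
chmod -v 600 "$password_file"
# printf with a quoted argument writes the passphrase verbatim. The earlier
# unquoted 'echo -n $password' collapsed runs of whitespace, expanded glob
# characters such as '*' into file names, and misread a passphrase that looks
# like an echo option.
printf '%s' "$password" > "$password_file"
# NOTE(review): the plaintext passphrase now sits on disk until the later
# shred step. An interrupt in between leaves it there; a trap-based cleanup
# would close that window if this script is executed rather than sourced.
# NOTE(review): $password also stays in the shell; unset it once nothing else
# needs it.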
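# Generate the signing key (secp256k1, usage "sign") in a throwaway GnuPG home
# so the user's default keyring is not touched.
#
# Reads:   pgp_name, pgp_email, password_file
# Sets:    t (path of the temporary GnuPG home)
#
# Failures are reported on stderr but do not stop the script, so the later
# step that shreds the passphrase file still runs.
# NOTE(review): the trailing 0 is the expiry argument and presumably means the
# key never expires; confirm that is intended for a staff signing key.
# NOTE(review): gpg's manual says --passphrase-file is honoured only together
# with --batch; confirm this invocation works on the deployed GnuPG version.
if t=$(mktemp -d); then
  gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" \
    --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0 \
    || echo "error: gpg could not generate the signing key" >&2
else
  echo "error: could not create a temporary GnuPG home" >&2
fi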
#echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already"
#echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m"
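# Install the new key into the staff client's own GnuPG home, publish the
# public key and its fingerprint next to it, then add an encryption subkey.
#
# Reads:   t (temporary GnuPG home), password_file
# Writes:  $HOME/.config/cic/staff-client/.gnupg       (keyring, mode 0700)
#          $HOME/.config/cic/staff-client/user.asc     (armored public keys)
#          $HOME/.config/cic/staff-client/key_fingerprint
#
# Failures are reported on stderr but never abort, so the later step that
# shreds the passphrase file still runs.
cic_dir="$HOME/.config/cic/staff-client"

mkdir -vp "$cic_dir/.gnupg"
chmod -v 0700 "$cic_dir/.gnupg"

# The secret key goes from the temporary home to the client home through a
# pipe, so no exported copy of it is written to disk.
gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" --export-secret-keys \
  | gpg --pinentry-mode loopback --passphrase-file "$password_file" --homedir "$cic_dir/.gnupg" --import \
  || echo "error: importing the new key into $cic_dir/.gnupg failed" >&2

# --export without a key id writes every public key held in that home.
gpg --homedir "$cic_dir/.gnupg" --export -a > "$cic_dir/user.asc"

# Take the fingerprint from the "issuer fpr" subpacket of the exported key and
# keep its first 40 characters.
gpg --list-packets "$cic_dir/user.asc" \
  | awk '/issuer fpr/ { print $9; }' \
  | cut -b -40 > "$cic_dir/key_fingerprint"

# Use the stored value only if it is exactly one 40-hex-digit fingerprint. An
# empty file, or several lines because the client home already held other
# keys, would otherwise shift gpg's positional arguments.
key_fingerprint=$(cat -- "$cic_dir/key_fingerprint")
if [[ "$key_fingerprint" =~ ^[0-9A-Fa-f]{40}$ ]]; then
  # NOTE(review): the subkey is added in the temporary home after the export
  # above, so as far as this listing shows it never reaches $cic_dir/.gnupg or
  # user.asc. Confirm a later step exports it.
  gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" \
    --quick-add-key "$key_fingerprint" default encrypt 0 \
    || echo "error: gpg could not add the encryption subkey" >&2
else
  echo "error: $cic_dir/key_fingerprint does not hold a single key fingerprint; encryption subkey not added" >&2
fi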
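# Overwrite the plaintext passphrase file. Quoting keeps a temp path with
# spaces intact and '--' stops it from being parsed as an option.
# NOTE(review): shred overwrites in place and does not delete the file; its
# own documentation warns the overwrite is not reliable on journaling or
# copy-on-write filesystems. Nothing visible here removes the file afterwards.
# NOTE(review): the temporary GnuPG home in $t still holds the secret key
# and is not cleaned up in the visible part of the script. Confirm a later
# step removes it.
shred -v -- "$password_file"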