#!/bin/bash
this_help()
{
  # Print the usage text on stdout and terminate the script with status 1.
  # Control never returns to the caller: the --help path and the
  # missing-argument path both end here.
  #
  # NOTE(review): the sample address reads "[email protected]" here, which looks
  # like e-mail obfuscation applied to the page rather than the author's
  # text; restore the intended example address if that is the case.
  cat <<'USAGE'
Creates a new GPG identity and exports GPG and SSH files

Syntax: createKeyQuartet.sh [options] email "full name"

Example: ./createKeyQuartet.sh [email protected] "Hans Meiser"

Output:
 4 different files:
 [email protected]_sec.gpg --> GPG secret key
 [email protected]_pub.gpg --> GPG public key
 [email protected]_ssh --> SSH private key
 [email protected]_ssh.pub --> SSH public key

options:
-h, --help Print this Help

USAGE
  exit 1
}
# Stop early when the script is started without any argument: report the
# problem, then hand over to this_help, which prints the usage text and
# exits with status 1 itself (the trailing exit is only a safety net).
if (( $# == 0 )); then
  printf '%s\n' "Error: No arguments provided" ""
  this_help
  exit 1
fi
# TODO simple email regex check
# [^@ \t\r\n]+@[^@ \t\r\n]+\.[^@ \t\r\n]+
# https://ihateregex.io/expr/email/
# https://stackoverflow.com/a/9271406/4666399
# Scan the given arguments for -h / --help and show the usage text when one
# is found. Scanning stops at the first empty argument or when the list is
# exhausted; every other argument is skipped without being interpreted.
_setArgs() {
  while (( $# )) && [[ -n $1 ]]; do
    if [[ $1 == "-h" || $1 == "--help" ]]; then
      this_help
    fi
    shift
  done
}
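# Parse options first, so that -h/--help prints the usage text instead of
# being taken as the e-mail address (_setArgs was defined but never called).
_setArgs "$@"

# The FILENAME_* variables used to be appended to here, before EMAIL had a
# value; they are assigned again right before the export step, so those
# lines had no effect and are dropped.
EMAIL=${1:-}
FULLNAME=${2:-}

# Both values are written verbatim into the GnuPG batch parameter file, and
# the e-mail address is also passed to gpg2 and used as the prefix of four
# file names. Reject input that could add extra parameter lines, be read as
# a command-line option, or name a path outside the current directory.
email_re='^[^@[:space:]]+@[^@[:space:]]+\.[^@[:space:]]+$'
if [[ ! $EMAIL =~ $email_re ]]; then
  echo "Error: '$EMAIL' does not look like an e-mail address" >&2
  exit 1
fi
if [[ $EMAIL == -* || $EMAIL == */* || $EMAIL == *[[:cntrl:]]* ]]; then
  echo "Error: e-mail address must not start with '-' or contain '/' or control characters" >&2
  exit 1
fi
if [[ $FULLNAME == *[[:cntrl:]]* ]]; then
  echo "Error: full name must not contain line breaks or other control characters" >&2
  exit 1
fi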
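# Generate Key into gpg
#
# From here on the script writes unprotected private key material. Restrict
# every newly created file to its owner at creation time, so the keys are
# never readable by other users, not even between export and chmod.
umask 077

# Print an error on stderr and stop; used for every step whose failure would
# otherwise let the script continue with missing or wrong key data.
_die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

# The batch parameters go to a private, unpredictably named temp file instead
# of a fixed name in the current directory; it is removed on every exit path.
PARAM_FILE=$(mktemp) || _die "could not create a temporary file"
trap 'rm -f -- "$PARAM_FILE"' EXIT

# %no-protection creates the secret key without a passphrase, so the exported
# *_sec.gpg and *_ssh files can be used by anyone who is able to read them.
# NOTE(review): Key-Length presumably has no effect for an ed25519 key, and
# GnuPG documents Key-Curve as the parameter for ECC keys; confirm this
# parameter set against the installed gpg2 version.
cat >"$PARAM_FILE" <<EOF
%echo Generating an ed25519 key
Key-Type: ed25519
Key-Length: 4096
Subkey-Type: ed25519
Name-Real: $FULLNAME
Name-Email: $EMAIL
Expire-Date: 0
%no-protection
# Do a commit here, so that we can later print "done" :-)
%commit
%echo done
EOF
gpg2 --batch --generate-key "$PARAM_FILE" || _die "key generation failed"

# Create GPG + SSH files
#
# Look the key up by exact e-mail match ("<addr>") and take the long key ID
# of the last "pub" record. Matching on the record type in field 1 avoids
# picking up other lines that merely contain the text "pub".
# NOTE(review): this assumes the key generated above is listed last when
# several keys carry the same address; confirm, or read the fingerprint from
# gpg's status output instead.
KEY=$(gpg2 --list-keys --with-colons --keyid-format=long "<$EMAIL>" \
  | awk -F: '$1 == "pub" { id = $5 } END { print id }')
# An empty key ID must never reach the export commands: without a key
# argument gpg exports every key in the keyring, secret keys included.
[[ -n $KEY ]] || _die "no key found for $EMAIL"

FILENAME_PUB="${EMAIL}_pub.gpg"
FILENAME_SEC="${EMAIL}_sec.gpg"
FILENAME_SSH="${EMAIL}_ssh"
FILENAME_SSH_PUB="${EMAIL}_ssh.pub"

gpg2 --armor --export "$KEY" >"$FILENAME_PUB" \
  || _die "exporting the public key failed"
gpg2 --armor --export-secret-keys "$KEY" >"$FILENAME_SEC" \
  || _die "exporting the secret key failed"

# The SSH private key is converted from the exported GPG secret key, so both
# files hold the same key material: protect and rotate them together.
# NOTE(review): confirm the installed openpgp2ssh accepts ed25519 keys.
set -o pipefail  # a failing gpg2 must not be hidden by the converter's status
gpg2 --export-secret-keys "$KEY" | openpgp2ssh "$KEY" >"$FILENAME_SSH" \
  || _die "converting the secret key to SSH format failed"
chmod 400 -- "$FILENAME_SSH" || _die "chmod on $FILENAME_SSH failed"
ssh-keygen -y -f "$FILENAME_SSH" >"$FILENAME_SSH_PUB" \
  || _die "deriving the SSH public key failed"

# Read only permissions for the keys. The files were just created by the
# invoking user, so no sudo is needed to change their mode.
chmod 400 -- "$FILENAME_PUB" "$FILENAME_SEC" "$FILENAME_SSH" "$FILENAME_SSH_PUB" \
  || _die "setting read-only permissions failed"

# The temporary parameter file is removed by the EXIT trap set above.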