keymanagement.sh
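# Absolute paths of the real OpenSSH binaries. The ssh-keygen and ssh-add
# shell functions in this file shadow the command names, so they must call
# the binaries through these variables and not by bare name.
SSH_KEYGEN="/usr/bin/ssh-keygen"
SSH_ADD="/usr/bin/ssh-add"
export SSH_KEYGEN SSH_ADD

# Default private key, and the file holding the running ssh-agent's
# environment (socket path and PID) so other shells can reuse that agent.
IDENTITY_FILE="${HOME}/.ssh/ident"
SSH_AGENT_FILE="${HOME}/.ssh/agent.info"

# gpg's pinentry needs to know the controlling terminal.
GPG_TTY=$(tty)
export IDENTITY_FILE SSH_AGENT_FILE GPG_TTY

# The ssh-add wrapper in this file takes the identity *suffix* and derives
# ~/.ssh/ident-<suffix> and ~/.ssh/getcred_<suffix>.sh from it. Passing the
# two full paths would yield nonsensical derived paths, so pass "github".
alias ssh_init_github="ssh-add github"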
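#######################################
# Wrapper around the real ssh-keygen that always supplies -f.
# Globals:   SSH_KEYGEN (read), IDENTITY_FILE (read)
# Arguments: $1 - optional key file path; when absent, empty, or an option
#                 (starts with '-'), IDENTITY_FILE is used instead
#            remaining arguments are passed to ssh-keygen unchanged
# Returns:   exit status of ssh-keygen
#######################################
function ssh-keygen() {
    local ident="${IDENTITY_FILE}"

    # Consume $1 only when it is a path. Leaving it in "$@" would hand
    # ssh-keygen a stray positional argument after "-f <path>", and treating
    # an option such as -t as the path would produce "-f -t -t ...".
    if [[ $# -gt 0 && "${1}" != -* ]]; then
        ident="${1:-${IDENTITY_FILE}}"
        shift
    fi
    "${SSH_KEYGEN}" -f "${ident}" "$@"
}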
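#######################################
# Wrapper around the real ssh-add.
#   ssh-add            load ~/.ssh/ident using ~/.ssh/getcred.sh
#   ssh-add NAME       load ~/.ssh/ident-NAME using ~/.ssh/getcred_NAME.sh
#   ssh-add -opt ...   pass all arguments to the real ssh-add untouched
# Globals:   SSH_ADD (read), HOME (read)
# Returns:   exit status of the real ssh-add
#
# Security notes:
#  - The getcred script is run by ssh-add as SSH_ASKPASS and prints the key
#    passphrase, so it is as sensitive as the key itself. Keep it owner-only
#    and prefer one that queries a keyring over one embedding the secret.
#  - NAME is interpolated into the path of a program that gets executed;
#    only pass fixed, trusted identity names.
#######################################
function ssh-add() {
    local ident="${1:-}"
    local ask_pass ident_file

    # Anything starting with '-' is an ssh-add option: no identity handling.
    if [[ "${ident}" == -* ]]; then
        "${SSH_ADD}" "$@"
        return
    fi

    if [[ -n "${ident}" ]]; then
        ask_pass="${HOME}/.ssh/getcred_${ident}.sh"
        ident_file="${HOME}/.ssh/ident-${ident}"
    else
        ask_pass="${HOME}/.ssh/getcred.sh"
        ident_file="${HOME}/.ssh/ident"
    fi

    # ssh-add only uses SSH_ASKPASS when DISPLAY is set and stdin is not a
    # terminal, hence the dummy DISPLAY and </dev/null.
    # NOTE: 2>/dev/null also hides real failures (missing key, wrong
    # passphrase); check the exit status or `ssh-add -l` if a key is missing.
    DISPLAY=:0.0 SSH_ASKPASS="${ask_pass}" \
        "${SSH_ADD}" "${ident_file}" 2>/dev/null </dev/null
}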
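#######################################
# Reuse the ssh-agent recorded in SSH_AGENT_FILE, or start a new one.
# Globals:   SSH_AGENT_FILE (read; file is rewritten when an agent starts)
#            SSH_AGENT_PID, SSH_AUTH_SOCK (set by evaluating the agent file)
# Outputs:   "start ssh-agent ... OK|FAILED" on stdout when starting one
#
# Security note: the agent file is eval'ed, so whoever can write it can run
# code in this shell. It is therefore only evaluated when it is a regular
# file owned by the current user, and it is created under umask 077.
#######################################
function ssh-init-agent() {
    local PS="/bin/ps"
    local SSH_AGENT="/usr/bin/ssh-agent"

    # Import the environment of a previously started agent, if recorded.
    if [[ -f "${SSH_AGENT_FILE}" && -O "${SSH_AGENT_FILE}" ]]; then
        eval "$(<"${SSH_AGENT_FILE}")" >/dev/null
    fi

    # Reuse it only if that PID is numeric and still names an ssh-agent.
    # The numeric check keeps a mangled value out of the ps argument list.
    if [[ "${SSH_AGENT_PID:-}" =~ ^[0-9]+$ ]] &&
        [[ "ssh-agent" == "$("${PS}" -p "${SSH_AGENT_PID}" -o comm=)" ]]; then
        return
    fi

    printf 'start ssh-agent ... '
    # umask applies only if the file is created here; an existing file keeps
    # its mode, so make sure ~/.ssh itself is not writable by others.
    if (umask 077 && "${SSH_AGENT}" >"${SSH_AGENT_FILE}"); then
        eval "$(<"${SSH_AGENT_FILE}")" >/dev/null
        printf 'OK\n'
        # Load the default identity through the ssh-add wrapper.
        ssh-add
    else
        printf 'FAILED\n'
    fi
}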
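#######################################
# Reuse the running gpg-agent, or start one and preset its passphrase.
# Globals:   RUNDIR, USER (read); GPG_AGENT_SOCK, GPG_AGENT_PID (exported)
# Arguments: $1 - directory containing gpg.pw (the key passphrase)
# Outputs:   "start gpg-agent ... OK|FAILED" on stdout when starting one;
#            a warning on stderr when gpg.pw cannot be read
#
# Security note: gpg.pw holds the passphrase in clear text. Keep the file
# and its directory owner-only (mode 600/700); anyone who can read it can
# unlock the keys identified by the keygrips below.
#######################################
function gpg-init-agent() {
    local AWK="/usr/bin/awk"
    local SED="/bin/sed"
    local LSOF="/usr/bin/lsof"
    local PS="/bin/ps"
    local GPG_AGENT="/usr/bin/gpg-agent"
    # An array avoids eval and word-splitting of the option string.
    local -a GPG_AGENT_ARGS=(--daemon --allow-preset-passphrase)
    local GPG_PRESET="/usr/libexec/gpg-preset-passphrase"
    local CREDDIR="${1:-}"
    local KEYGRIP="D17D6099DA4F7CF580991F6525BAC9DB841C9B30"
    local SUBKEYGRIP="BE4A9914142B488736792B9CBE01AE3A94D96E7A"
    local pw_file="${CREDDIR}/gpg.pw"
    local SOCK_OPEN_PID=""
    local grip

    export GPG_AGENT_SOCK="${RUNDIR}/gnupg/S.gpg-agent"

    # PID of the process holding the agent socket; lsof -F p prints it as
    # a line of the form "p<pid>".
    if [[ -e "${GPG_AGENT_SOCK}" ]]; then
        SOCK_OPEN_PID="$("${LSOF}" -F p "${GPG_AGENT_SOCK}" |
            "${SED}" -n 's/^p//p')"
    fi
    # PID(s) of this user's gpg-agent processes.
    GPG_AGENT_PID="$("${PS}" -h -U "${USER}" -o pid -o comm |
        "${AWK}" '/gpg-agent/{print $1}')"

    # Nothing to do when the socket is held by the one running gpg-agent.
    if [[ -n "${SOCK_OPEN_PID}" && "${GPG_AGENT_PID}" == "${SOCK_OPEN_PID}" ]]; then
        return
    fi

    printf 'start gpg-agent ... '
    if "${GPG_AGENT}" "${GPG_AGENT_ARGS[@]}"; then
        # Without this check an empty $1 would silently read /gpg.pw.
        if [[ -n "${CREDDIR}" && -r "${pw_file}" ]]; then
            for grip in "${KEYGRIP}" "${SUBKEYGRIP}"; do
                "${GPG_PRESET}" --preset "${grip}" <"${pw_file}"
            done
        else
            printf 'gpg-init-agent: cannot read %s, passphrase not preset\n' \
                "${pw_file}" >&2
        fi
        printf 'OK\n'
        GPG_AGENT_PID="$("${PS}" -h -U "${USER}" -o pid -o comm |
            "${AWK}" '/gpg-agent/{print $1}')"
        export GPG_AGENT_PID
    else
        printf 'FAILED\n'
    fi
}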
# vim: set ft=sh ts=4 sw=4: