|
@@ -860,28 +860,22 @@ function configure_gpg {
|
860
|
860
|
echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
|
861
|
861
|
exit 6
|
862
|
862
|
fi
|
863
|
|
- su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY
|
864
|
|
- su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY
|
|
863
|
+ su -c "gpg --import $MY_GPG_PUBLIC_KEY" - $MY_USERNAME
|
|
864
|
+ su -c "gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY" - $MY_USERNAME
|
865
|
865
|
# for security ensure that the private key file doesn't linger around
|
866
|
866
|
shred -zu $MY_GPG_PRIVATE_KEY
|
867
|
867
|
else
|
868
|
868
|
# Generate a GPG key
|
869
|
|
- umask 0277
|
870
|
|
- cat << EOF > /tmp/$MY_USERNAME-gpg-genkey.conf
|
871
|
|
- %echo Generating a GPG key
|
872
|
|
- Key-Type: RSA
|
873
|
|
- Key-Length: 4096
|
874
|
|
- Subkey-Type: ELG-E
|
875
|
|
- Subkey-Length: 4096
|
876
|
|
- Name-Real: `hostname --fqdn`
|
877
|
|
- Name-Email: $MY_USERNAME@`hostname --fqdn`
|
878
|
|
- Expire-Date: 0
|
879
|
|
- %commit
|
880
|
|
- %echo Done
|
881
|
|
- EOF
|
882
|
|
- umask 0002
|
883
|
|
- su $MY_USERNAME gpg --batch --gen-key /tmp/$MY_USERNAME-gpg-genkey.conf > gpg-keygen.log 2> gpg-keygen_error.log
|
884
|
|
- shred -zu /tmp/$MY_USERNAME-gpg-genkey.conf
|
|
869
|
+ echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
|
|
870
|
+ echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
871
|
+ echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
872
|
+ echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
873
|
+ echo "Name-Real: `hostname --fqdn`" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
874
|
+ echo "Name-Email: $MY_USERNAME@`hostname --fqdn`" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
875
|
+ echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
876
|
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
|
|
877
|
+ su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
|
|
878
|
+ shred -zu /home/$MY_USERNAME/gpg-genkey.conf
|
885
|
879
|
fi
|
886
|
880
|
|
887
|
881
|
echo 'configure_gpg' >> $COMPLETION_FILE
|
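Review bot: The private key file is shredded on the line after the import whether or not `gpg --allow-secret-key-import --import` succeeded, and `configure_gpg` is still appended to `$COMPLETION_FILE`, so a failed import destroys the key file and records the step as done. Gate the shred on the import result, for example `su -c "gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY" - $MY_USERNAME || exit 6` (reusing the code of the not-found branch above, or a dedicated one), and check the `--gen-key` call in the else branch the same way, since its output is no longer redirected to a log. The `su -c "…"` form also means the key path is parsed twice, once by the root shell and again by the target user's shell, so the unquoted `$MY_GPG_PUBLIC_KEY`, `$MY_GPG_PRIVATE_KEY` and `$MY_USERNAME` should be quoted (`- "$MY_USERNAME"`) and the paths validated to contain no whitespace or shell metacharacters before they are interpolated. `configure_gpg` starts and ends outside the hunk, so any status handling that already exists elsewhere in the function is not visible here.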