free
/
freedombone
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Activity
Sfoglia il codice sorgente

Generate GPG key, or use existing keys

Bob Mottram 11 anni fa
parent
3b552de3ac
commit
8f392a998f
1 ha cambiato i file con 39 aggiunte e 0 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 39
    0
      install-freedombone.sh

+ 39
- 0
install-freedombone.sh Vedi File 

@@ -66,8 +66,15 @@ FREEDNS_SUBDOMAIN_CODE=$3
66 66 
 SSH_PORT=2222
67 67 
 KERNEL_VERSION="v3.15.10-bone7"
68 68 
 USE_HWRNG="yes"
69 
+
69 70 
 GPG_KEYSERVER="hkp://keys.gnupg.net"
70 71
72 
+# optionally you can provide your exported GPG key pair here
73 
+# Note that the private key file will be deleted after use
74 
+# If these are unspecified then a new GPG key will be created
75 
+MY_GPG_PUBLIC_KEY=
76 
+MY_GPG_PRIVATE_KEY=
77 
+
71 78 
 # The Debian package repository to use.
72 79 
 DEBIAN_REPO="ftp.de.debian.org"
73 80 
 
@@ -833,6 +840,38 @@ function configure_gpg {
833 840 
   fi
834 841
835 842 
   chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
843 
+
844 
+  if [ $MY_GPG_PUBLIC_KEY && $MY_GPG_PRIVATE_KEY ]; then
845 
+	  # use your existing GPG keys which were exported
846 
+	  if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
847 
+		  echo "GPG public key file $MY_GPG_PUBLIC_KEY was not found"
848 
+		  exit 1
849 
+	  fi
850 
+	  if [ ! -f $MY_GPG_PRIVATE_KEY ]; then
851 
+		  echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
852 
+		  exit 1
853 
+	  fi
854 
+      su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY
855 
+      su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY
856 
+	  # for security ensure that the private key file doesn't linger around
857 
+	  shred -zu $MY_GPG_PRIVATE_KEY
858 
+  else
859 
+      # Generate a GPG key
860 
+      echo "%echo Generating a GPG key for `hostname --fqdn`" > /home/$MY_USERNAME/gpg-genkey.conf
861 
+      echo 'Key-Type: RSA' >> /home/$MY_USERNAME/gpg-genkey.conf
862 
+      echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
863 
+      echo 'Subkey-Type: ELG-E' >> /home/$MY_USERNAME/gpg-genkey.conf
864 
+      echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
865 
+      echo 'Name-Real:  `hostname --fqdn`' >> /home/$MY_USERNAME/gpg-genkey.conf
866 
+      echo "Name-Email: $MY_USERNAME@$DOMAIN_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
867 
+      echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
868 
+      echo '%commit' >> /home/$MY_USERNAME/gpg-genkey.conf
869 
+      echo '%echo Done' >> /home/$MY_USERNAME/gpg-genkey.conf
870 
+	  chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
871 
+      su - $MY_USERNAME gpg --gen-key /home/$MY_USERNAME/gpg-genkey.conf
872 
+      shred -zu /home/$MY_USERNAME/gpg-genkey.conf
873 
+  fi
874 
+
836 875 
   echo 'configure_gpg' >> $COMPLETION_FILE
837 876 
 }
838 877