|
@@ -119,20 +119,34 @@ function interactive_gpg_from_usb {
|
119
|
119
|
cp -r $USB_MOUNT/letsencrypt/* /etc/letsencrypt
|
120
|
120
|
fi
|
121
|
121
|
|
122
|
|
- if [ -d $USB_MOUNT/.gnupg ]; then
|
123
|
|
- if [ ! -d $HOME_DIR/.gnupg ]; then
|
124
|
|
- mkdir $HOME_DIR/.gnupg
|
|
122
|
+ if [ -f $USB_MOUNT/.mastergpgkey && -f $USB_MOUNT/.backupgpgkey ]; then
|
|
123
|
+ # Recovering keys from file rather than just copying the gnupg
|
|
124
|
+ # directory may help to avoid problems during upgrades/reinstalls
|
|
125
|
+ su -c "gpg --allow-secret-key-import --import $USB_MOUNT/.mastergpgkey" - $MY_USERNAME
|
|
126
|
+ su -c "gpg --allow-secret-key-import --import $USB_MOUNT/.backupgpgkey" - $MY_USERNAME
|
|
127
|
+ if [ -d /home/$MY_USERNAME/.gnupg ]; then
|
|
128
|
+ chmod 700 /home/$MY_USERNAME/.gnupg
|
|
129
|
+ chmod -R 600 /home/$MY_USERNAME/.gnupg/*
|
|
130
|
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
|
125
|
131
|
fi
|
126
|
|
- echo $'Recovering GPG keys'
|
127
|
|
- cp -r $USB_MOUNT/.gnupg/* $HOME_DIR/.gnupg
|
128
|
|
- GPG_LOADING="no"
|
129
|
132
|
dialog --title $"Recover Encryption Keys" \
|
130
|
|
- --msgbox $"GPG Keyring loaded to $HOME_DIR" 6 70
|
|
133
|
+ --msgbox $"GPG Keyring loaded to $HOME_DIR from master keydrive" 6 70
|
131
|
134
|
else
|
132
|
|
- if [ ! -d $HOME_DIR/.gnupg_fragments ]; then
|
133
|
|
- mkdir $HOME_DIR/.gnupg_fragments
|
|
135
|
+ if [ -d $USB_MOUNT/.gnupg ]; then
|
|
136
|
+ if [ ! -d $HOME_DIR/.gnupg ]; then
|
|
137
|
+ mkdir $HOME_DIR/.gnupg
|
|
138
|
+ fi
|
|
139
|
+ echo $'Recovering GPG keys'
|
|
140
|
+ cp -r $USB_MOUNT/.gnupg/* $HOME_DIR/.gnupg
|
|
141
|
+ GPG_LOADING="no"
|
|
142
|
+ dialog --title $"Recover Encryption Keys" \
|
|
143
|
+ --msgbox $"GPG Keyring loaded to $HOME_DIR" 6 70
|
|
144
|
+ else
|
|
145
|
+ if [ ! -d $HOME_DIR/.gnupg_fragments ]; then
|
|
146
|
+ mkdir $HOME_DIR/.gnupg_fragments
|
|
147
|
+ fi
|
|
148
|
+ cp -r $USB_MOUNT/.gnupg_fragments/* $HOME_DIR/.gnupg_fragments
|
134
|
149
|
fi
|
135
|
|
- cp -r $USB_MOUNT/.gnupg_fragments/* $HOME_DIR/.gnupg_fragments
|
136
|
150
|
fi
|
137
|
151
|
|
138
|
152
|
if [[ $SSH_IMPORTED == "no" ]]; then
|