author | Silvio Rhatto <rhatto@riseup.net> | 2015-09-08 17:42:04 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2015-09-08 17:42:04 -0300 |
commit | 940272bf09f8fb86bf34d5165caebcf70bbe14dd (patch) | |
tree | 598cf960f12b53c541f409c0e37def0a5f52bd78 | |
parent | 84676deefdcb300ef4282c23433e0a8f69e992be (diff) | |
Key generation / import improvements
-rwxr-xr-x | share/hydra/import-key | 10 | ||||
-rwxr-xr-x | share/hydra/newkeys | 13 |
2 files changed, 10 insertions, 13 deletions
diff --git a/share/hydra/import-key b/share/hydra/import-key index f394f8c..8929baf 100755 --- a/share/hydra/import-key +++ b/share/hydra/import-key @@ -44,20 +44,24 @@ for node in $NODES; do continue fi + $HYDRA_CONNECT $node <<EOF + ##### BEGIN REMOTE SCRIPT ##### echo "" echo "-----------------------------" echo "Importing gpg key to $node..." echo "-----------------------------" echo "" - echo "$key" | $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --import + echo "$key" | sudo gpg --homedir /root/.gnupg --import echo "" echo "Trusting key at $node..." echo "" - printf "trust\n5\ny\nsave\n" | $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --no-tty --status-fd=2 --command-fd=0 --edit-key $key_id + printf "trust\n5\ny\nsave\n" | sudo gpg --homedir /root/.gnupg --no-tty --status-fd=2 --command-fd=0 --edit-key $key_id echo "" echo "Verifying..." echo "" - $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --list-keys + sudo gpg --homedir /root/.gnupg --list-keys + ##### END REMOTE SCRIPT ####### +EOF done diff --git a/share/hydra/newkeys b/share/hydra/newkeys index c46a809..37e76e8 100755 --- a/share/hydra/newkeys +++ b/share/hydra/newkeys @@ -21,8 +21,8 @@ function hydra_newkeys { # GPG keys should be manually imported in the nodes for host in `hydra $HYDRA nodes`; do node="`echo $host | cut -d . -f 1`" - privkey="$PUPPET_KEYS/ssh/$node/"$node"_id_rsa" - pubkey="$privkey.pub" + sshkey="$HYDRA_FOLDER/keyring/keys/nodes/$node/ssh/id_rsa.asc" + gpgkey="$HYDRA_FOLDER/keyring/keys/nodes/$node/gpg/key.asc" if [ "$1" == "all" ]; then hydra_genpairs elif [ "$1" == "all-ssh" ]; then @@ -32,7 +32,7 @@ function hydra_newkeys { elif [ ! -z "$1" ] && [ "$node" == "$1" ]; then hydra_genpairs $2 exit $? - elif [ ! -e "$privkey" ] || [ ! -e "$pubkey" ]; then + elif [ ! -e "$sshkey" ] || [ ! -e "$gpgkey" ]; then hydra_genpairs fi done 
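Review bot: Inside the new unquoted `<<EOF` block, `echo "$key" | sudo gpg --homedir /root/.gnupg --import` has `$key` expanded locally and pasted into the script text that the node's shell then parses. A `"`, backtick or `$(` anywhere in the armored key text would therefore be read as shell syntax on a host where the same script calls sudo. The removed line sent the key over stdin as data; keeping that one step ahead of the heredoc, `echo "$key" | $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --import`, preserves that property while the remaining commands still share one connection. `$key_id` is interpolated the same way and is unquoted, so it is worth checking locally that it contains only hex digits before the heredoc is built; how both variables are set lies outside the hunk.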
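Review bot: In share/hydra/newkeys, the changed `elif [ ! -e "$sshkey" ] || [ ! -e "$gpgkey" ]` test (hunk `-32,7`) calls `hydra_genpairs` with no argument when either file is missing. The visible part of `hydra_genpairs` runs the SSH `genpair` whenever `$1` is not `pgp`, so a node that only lacks `gpg/key.asc` presumably gets a new SSH pair as well. Whether keyringer overwrites an existing entry is not visible here, but an unintended SSH key rotation is worth ruling out; splitting the test, e.g. `[ -e "$gpgkey" ] || hydra_genpairs pgp` plus a matching SSH-only call, keeps the two key types independent. A one-line comment above the `sshkey=`/`gpgkey=` assignments in hunk `-21,8`, saying that these paths appear to be the entries written by `keyringer $HYDRA genpair`, would also help; the body of `hydra_newkeys` continues outside both hunks.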
@@ -42,7 +42,6 @@ function hydra_genpairs { BASEDIR="/tmp" if [ "$1" != "pgp" ]; then - #keyringer $HYDRA genpair ssh nodes/$node/ssh/id_rsa $host $privkey keyringer $HYDRA genpair ssh nodes/$node/ssh/id_rsa $host fi @@ -57,12 +56,6 @@ function hydra_genpairs { keyringer $HYDRA git push hydra_unset_tmpfile $TMPWORK - - # Add key into puppet git repository. - #( cd $PUPPET_KEYS/ssh/$node && git add $(basename $privkey) $(basename $pubkey) ) - - # Sync pubkeys folder - #( cd $PUPPET_KEYS/public && find ../ssh/ -maxdepth 2 -name '*.pub' -exec cp {} . \; && git add . ) } # Load. |