Trusting keys at import-key

4 files changed, 16 insertions, 3 deletions

diff --git a/lib/hydra/config b/lib/hydra/config
index f45366b..b657fd3 100644
--- a/lib/hydra/config
+++ b/lib/hydra/config
@@ -43,6 +43,8 @@ function hydra_check_preferences {
   if [ -z "$PUPPET_KEYS" ]; then
     PUPPET_KEYS="$PUPPET/files/keys"
   fi
+
+  export HYDRA_CONNECT="ssh -o ConnectTimeout=15"
 }
 
 # Load a parameter from config
diff --git a/share/hydra/deploy b/share/hydra/deploy
index 935f983..4424ae3 100755
--- a/share/hydra/deploy
+++ b/share/hydra/deploy
@@ -24,7 +24,7 @@ fi
 # Deploy
 for node in $NODES; do
   echo "Deploying to $node..."
-  ssh -o ConnectTimeout=15 $node <<EOF
+  $HYDRA_CONNECT $node <<EOF
   ##### BEGIN REMOTE SCRIPT #####
   if ! which git &> /dev/null; then
     echo "Installing git..."
diff --git a/share/hydra/import-key b/share/hydra/import-key
index b74ac1f..8015081 100755
--- a/share/hydra/import-key
+++ b/share/hydra/import-key
@@ -28,5 +28,16 @@ for node in $NODES; do
   echo "-----------------------------"
   echo ""
   hostname="`echo $node | cut -d . -f 1`"
-  keyringer $HYDRA decrypt $hostname/gpg/key | ssh -o ConnectTimeout=15 $node sudo gpg --homedir /root/.gnupg --import
+  keyringer $HYDRA decrypt $hostname/gpg/key | $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --import
+
+  # TODO: get the full keyid
+  echo ""
+  echo "Trusting key..."
+  echo ""
+  printf "trust\n5\ny\nsave\n" | $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --no-tty --status-fd=2 --command-fd=0 --edit-key root@$node
+
+  echo ""
+  echo "Verifying..."
+  echo ""
+  $HYDRA_CONNECT $node sudo gpg --homedir /root/.gnupg --list-keys
 done
diff --git a/share/hydra/mass b/share/hydra/mass
index 9b87d4a..981f31f 100755
--- a/share/hydra/mass
+++ b/share/hydra/mass
@@ -17,7 +17,7 @@ function mass_loop {
   for node in $NODES; do
     echo "Issuing $COMMAND on multiple nodes..."
     echo "Connecting to $node..."
-    ssh -o ConnectTimeout=15 $node sudo $COMMAND
+    $HYDRA_CONNECT $node sudo $COMMAND
   done
 }