summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2018-05-23 16:17:54 -0300
committerSilvio Rhatto <rhatto@riseup.net>2018-05-23 16:17:54 -0300
commitf90e70bb2c221dc6046bf65f7931164d5ca6801f (patch)
treeb2ea99362e48e887efc0b44b6acb607de626cdbc
parent3488be50ec671c4e082766893f2ba6178716b978 (diff)
downloadkeyringer-f90e70bb2c221dc6046bf65f7931164d5ca6801f.tar.gz
keyringer-f90e70bb2c221dc6046bf65f7931164d5ca6801f.tar.bz2
Automatically generate passphrase at genkeys_gpg
-rw-r--r--ChangeLog4
-rwxr-xr-xlib/keyringer/actions/genkeys30
2 files changed, 20 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index 69a4751..449017c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2017-11-23 - unreleased - Silvio Rhatto <rhatto@riseup.net>
+
+ Automatically generate passphrase at genkeys_gpg
+
2017-11-03 - 0.5.2 - Silvio Rhatto <rhatto@riseup.net>
Fixed incorrect exit statement on append, thanks jamie (#79)
diff --git a/lib/keyringer/actions/genkeys b/lib/keyringer/actions/genkeys
index 634c847..deacbfd 100755
--- a/lib/keyringer/actions/genkeys
+++ b/lib/keyringer/actions/genkeys
@@ -34,23 +34,25 @@ function genkeys_ssh {
function genkeys_gpg {
echo "Make sure that $KEYDIR is atop of an encrypted volume."
- passphrase="no"
- passphrase_confirm="confirm"
+ #passphrase="no"
+ #passphrase_confirm="confirm"
- while [ "$passphrase" != "$passphrase_confirm" ]; do
- read -s -p "Enter password for the private key: " passphrase
- printf "\n"
- read -s -p "Enter password again: " passphrase_confirm
- printf "\n"
+ #while [ "$passphrase" != "$passphrase_confirm" ]; do
+ # read -s -p "Enter password for the private key: " passphrase
+ # printf "\n"
+ # read -s -p "Enter password again: " passphrase_confirm
+ # printf "\n"
- if [ "$passphrase" != "$passphrase_confirm" ]; then
- echo "Password don't match."
- fi
- done
+ # if [ "$passphrase" != "$passphrase_confirm" ]; then
+ # echo "Password don't match."
+ # fi
+ #done
+
+ keyringer_exec pwgen "$BASEDIR" "$FILE.passwd"
+ passphrase="`keyringer_exec decrypt "$BASEDIR" "$FILE.passwd"`"
# TODO: insert random bytes
# TODO: custom Name-Comment and Name-Email
- # TODO: allow for empty passphrases
$GPG --homedir "$TMPWORK" --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 4096
@@ -68,8 +70,8 @@ EOF
$GPG --armor --homedir "$TMPWORK" --export-secret-keys | keyringer_exec encrypt "$BASEDIR" "$FILE"
echo "Encrypting public key into keyringer..."
$GPG --armor --homedir "$TMPWORK" --export | keyringer_exec encrypt "$BASEDIR" "$FILE.pub"
- echo "Encrypting passphrase into keyringer..."
- echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt "$BASEDIR" "$FILE.passwd"
+ #echo "Encrypting passphrase into keyringer..."
+ #echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt "$BASEDIR" "$FILE.passwd"
if [ ! -z "$OUTFILE" ]; then
mkdir -p `dirname $OUTFILE`