author | Silvio Rhatto <rhatto@riseup.net> | 2018-05-30 14:45:12 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2018-05-30 14:45:12 -0300 |
commit | e5659e2ba6be675f2f8383e0264bde8968a869d0 (patch) | |
tree | cbc92bdb8e2f46aa6e79b74f621bddafebf7f990 /lib/keyringer/actions | |
parent | b6dec4f1efe948f01df02b364cbb7f7aeedaa2b1 (diff) | |
parent | 126eb39671e9c65c0c60a78b25189e4d4b1fae72 (diff) | |
Merge branch 'develop'
Diffstat (limited to 'lib/keyringer/actions')
-rwxr-xr-x | lib/keyringer/actions/genkeys | 30 | ||||
-rwxr-xr-x | lib/keyringer/actions/pwgen | 4 |
2 files changed, 18 insertions, 16 deletions
diff --git a/lib/keyringer/actions/genkeys b/lib/keyringer/actions/genkeys
index 634c847..deacbfd 100755
--- a/lib/keyringer/actions/genkeys
+++ b/lib/keyringer/actions/genkeys
@@ -34,23 +34,25 @@ function genkeys_ssh {
 function genkeys_gpg {
 echo "Make sure that $KEYDIR is atop of an encrypted volume."
- passphrase="no"
- passphrase_confirm="confirm"
+ #passphrase="no"
+ #passphrase_confirm="confirm"
- while [ "$passphrase" != "$passphrase_confirm" ]; do
- read -s -p "Enter password for the private key: " passphrase
- printf "\n"
- read -s -p "Enter password again: " passphrase_confirm
- printf "\n"
+ #while [ "$passphrase" != "$passphrase_confirm" ]; do
+ # read -s -p "Enter password for the private key: " passphrase
+ # printf "\n"
+ # read -s -p "Enter password again: " passphrase_confirm
+ # printf "\n"
- if [ "$passphrase" != "$passphrase_confirm" ]; then
- echo "Password don't match."
- fi
- done
+ # if [ "$passphrase" != "$passphrase_confirm" ]; then
+ # echo "Password don't match."
+ # fi
+ #done
+
+ keyringer_exec pwgen "$BASEDIR" "$FILE.passwd"
+ passphrase="`keyringer_exec decrypt "$BASEDIR" "$FILE.passwd"`"
 # TODO: insert random bytes
 # TODO: custom Name-Comment and Name-Email
- # TODO: allow for empty passphrases
 $GPG --homedir "$TMPWORK" --gen-key --batch <<EOF
 Key-Type: RSA
 Key-Length: 4096
@@ -68,8 +70,8 @@ EOF
 $GPG --armor --homedir "$TMPWORK" --export-secret-keys | keyringer_exec encrypt "$BASEDIR" "$FILE"
 echo "Encrypting public key into keyringer..."
 $GPG --armor --homedir "$TMPWORK" --export | keyringer_exec encrypt "$BASEDIR" "$FILE.pub"
- echo "Encrypting passphrase into keyringer..."
- echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt "$BASEDIR" "$FILE.passwd"
+ #echo "Encrypting passphrase into keyringer..."
+ #echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt "$BASEDIR" "$FILE.passwd"
 if [ ! -z "$OUTFILE" ]; then
 mkdir -p `dirname $OUTFILE`
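Review bot: Neither added command in genkeys_gpg is checked for failure, so if `keyringer_exec pwgen` or the decrypt that follows fails, `$passphrase` is empty or holds whatever the command printed, and key generation carries on with it. Stop before the `$GPG --gen-key --batch` call in that case, e.g. `keyringer_exec pwgen "$BASEDIR" "$FILE.passwd" || exit 1`, then `passphrase="$(keyringer_exec decrypt "$BASEDIR" "$FILE.passwd")"` and `[ -n "$passphrase" ] || exit 1`. The decrypt output is used verbatim as the passphrase, so it is worth confirming that the pwgen action stores nothing but the passphrase in that entry. The batch template that presumably consumes `$passphrase` lies outside this hunk.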
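Review bot: The two `echo` lines in this hunk, like the prompt loop in the previous one, are commented out rather than deleted, which leaves dead code that still reads as if a user-chosen passphrase were supported. Delete them, and if the interactive path is meant to come back, record that in a `# TODO` instead. The content of `$FILE.passwd` also changes from the `Passphrase for $FILE: ...` line to whatever the pwgen action writes, so anything that reads the old format from that entry should be checked.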
diff --git a/lib/keyringer/actions/pwgen b/lib/keyringer/actions/pwgen
index 3c03681..e1e8947 100755
--- a/lib/keyringer/actions/pwgen
+++ b/lib/keyringer/actions/pwgen
@@ -13,12 +13,12 @@ FILE="$2"
 # Generates a random passphrase
 function keyringer_pwgen {
- ENTROPY_BYTES=${1:-20} # in bytes
+ ENTROPY_BYTES=${1:-40} # in bytes
 ENTROPY_SOURCE="${ENTROPY_SOURCE:-/dev/urandom}"
 # Strip possible newlines if output is wrapped.
 # Also strip trailing = signs as they add nothing to the password's entropy.
- head -c $ENTROPY_BYTES $ENTROPY_SOURCE | base64 | tr -d '\n='
+ dd bs=1 count=$ENTROPY_BYTES if=$ENTROPY_SOURCE status=none | base64 | tr -d '\n='
 echo
 } |
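Review bot: `$ENTROPY_BYTES` and `$ENTROPY_SOURCE` are expanded unquoted into dd operands, and `ENTROPY_SOURCE` can come from the environment, so a value containing whitespace would be split into extra dd operands; quote both: `dd bs=1 count="$ENTROPY_BYTES" if="$ENTROPY_SOURCE" status=none | base64 | tr -d '\n='`. A failing dd is also silent here: `status=none` is not accepted by every dd implementation, and without a check the pipeline yields an empty string followed by the newline from `echo`, i.e. an empty passphrase. Capturing the output in a variable and refusing to continue when it is empty would catch that, as would validating that `$1` is a positive integer.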