Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/decrypt | 17 | ||||
-rwxr-xr-x | scripts/encrypt | 21 | ||||
-rwxr-xr-x | scripts/genpair | 67 | ||||
-rwxr-xr-x | scripts/recrypt | 22 |
4 files changed, 0 insertions, 127 deletions
diff --git a/scripts/decrypt b/scripts/decrypt
deleted file mode 100755
index 55888ee..0000000
--- a/scripts/decrypt
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-#
-# Decrypt files.
-#
-
-FILE="$1"
-BASENAME="`basename $0`"
-
-if [ -z "$FILE" ]; then
- echo "Usage: `basename $0` <file>"
- exit 1
-elif [ ! -f "keys/$FILE" ]; then
- echo "File not found"
- exit 1
-fi
-
-gpg -d keys/$FILE
diff --git a/scripts/encrypt b/scripts/encrypt
deleted file mode 100755
index 23aeaf7..0000000
--- a/scripts/encrypt
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# Encrypt files to multiple recipients.
-#
-
-FILE="$1"
-BASENAME="`basename $0`"
-RECIPIENTS="config/recipients"
-
-if [ -z "$FILE" ]; then
- echo "Usage: `basename $0` <file>"
- exit 1
-elif [ ! -f "$RECIPIENTS" ]; then
- echo "No recipient config was found"
- exit 1
-fi
-
-mkdir -p keys/`dirname $FILE`
-recipients="$(awk '{ print "-r " $2 }' $RECIPIENTS | xargs)"
-echo "Type your message and finish your input with EOF (Ctrl-D)."
-gpg --armor -e -s $recipients - > keys/$FILE
diff --git a/scripts/genpair b/scripts/genpair
deleted file mode 100755
index ddbc2fd..0000000
--- a/scripts/genpair
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-#
-# Generate keypairs.
-#
-# This script is just a wrapper to easily generate keys for
-# automated systems.
-#
-
-# Generate a keypair, ssh version
-function genpair_ssh {
- echo "Make sure that $homedir is atop of an encrypted volume."
- read -p "Hit ENTER to continue." prompt
-
- # TODO: programatically enter blank passphrase twice
- ssh-keygen -t dsa -f $homedir/id_dsa -C "root@$hostname"
-
- echo "Now make sure to save this key in a safe location."
- echo "You can export it by securely copying $contents to $hostname."
-}
-
-# Generate a keypair, gpg version
-function genpair_gpg {
- echo "Make sure that $homedir is atop of an encrypted volume."
- read -p "Enter password for the private key: " passphrase
-
- # TODO: insert 279 random bytes
- gpg --homedir $homedir --gen-key <<EOF
- Key-Type: DSA
- Key-Length: 1024
- Subkey-Type: ELG-E
- Subkey-Length: 4096
- Name-Real: $hostname
- Name-Comment: backupninja
- Name-Email: root@$hostname
- Expire-Date: 0
- Passphrase: $passphrase
- %commit
-EOF
-
- echo "Now make sure to save this key in a safe location."
- echo "You can export it using 'gpg --homedir $homedir --armor --export-secret-keys'."
- echo "Then securely copy it to $hostname."
-}
-
-# Setup
-keytype="$1"
-homedir="$2"
-hostname="$3"
-
-# Verify
-if [ -z "$hostname" ]; then
- echo "Usage: `basename $0` <gpg|ssh> <homedir> <hostname>"
- exit 1
-elif [ -e "$homedir" ]; then
- echo "Folder $homedir already exists, leaving"
- exit 1
-fi
-
-# Prepare
-mkdir -p $homedir && chmod 700 $homedir
-if [ "$?" != "0" ]; then
- echo "Error setting up $homedir"
- exit 1
-fi
-
-# Dispatch
-genpair_$keytype
diff --git a/scripts/recrypt b/scripts/recrypt
deleted file mode 100755
index 48c4d40..0000000
--- a/scripts/recrypt
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-#
-# Re-encrypt files to multiple recipients.
-#
-
-FILE="$1"
-BASENAME="`basename $0`"
-RECIPIENTS="config/recipients"
-
-if [ -z "$FILE" ]; then
- echo "Usage: `basename $0` <file>"
- exit 1
-elif [ ! -f "$RECIPIENTS" ]; then
- echo "No recipient config was found"
- exit 1
-elif [ ! -f "keys/$FILE" ]; then
- echo "File not found"
- exit 1
-fi
-
-recipients="$(awk '{ print "-r " $2 }' $RECIPIENTS | xargs)"
-gpg -d keys/$FILE | gpg --armor -e -s $recipients > keys/$FILE |