Avoid passphrase during gpg key generation

This commit is contained in:
Bob Mottram 2017-06-01 19:30:01 +01:00
parent dce82c90df
commit 55e3f4a8ae
3 changed files with 8 additions and 4 deletions

View File

@ -143,8 +143,9 @@ echo 'Subkey-Length: 4096' >> /home/$ADD_USERNAME/gpg-genkey.conf
echo "Name-Real: $ADD_USERNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf echo "Name-Real: $ADD_USERNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
echo "Name-Email: $ADD_USERNAME@$HOSTNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf echo "Name-Email: $ADD_USERNAME@$HOSTNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
echo 'Expire-Date: 0' >> /home/$ADD_USERNAME/gpg-genkey.conf echo 'Expire-Date: 0' >> /home/$ADD_USERNAME/gpg-genkey.conf
echo "Passphrase: ''" >> /home/$ADD_USERNAME/gpg-genkey.conf
chown $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/gpg-genkey.conf chown $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/gpg-genkey.conf
su -m root -c "gpg --homedir /home/$ADD_USERNAME/.gnupg --batch --passphrase '' --full-gen-key /home/$ADD_USERNAME/gpg-genkey.conf" - $ADD_USERNAME su -m root -c "gpg --homedir /home/$ADD_USERNAME/.gnupg --batch --full-gen-key /home/$ADD_USERNAME/gpg-genkey.conf" - $ADD_USERNAME
chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.gnupg chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.gnupg
shred -zu /home/$ADD_USERNAME/gpg-genkey.conf shred -zu /home/$ADD_USERNAME/gpg-genkey.conf
MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADD_USERNAME" "$ADD_USERNAME@$HOSTNAME") MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADD_USERNAME" "$ADD_USERNAME@$HOSTNAME")

View File

@ -1508,8 +1508,9 @@ function create_gpg_subkey {
echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Name-Comment: $GPG_KEY_USAGE" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Comment: $GPG_KEY_USAGE" >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Passphrase: ''" >> /home/$MY_USERNAME/gpg-genkey.conf
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --passphrase '' --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
shred -zu /home/$MY_USERNAME/gpg-genkey.conf shred -zu /home/$MY_USERNAME/gpg-genkey.conf
@ -1622,9 +1623,10 @@ function configure_gpg {
echo "Name-Real: $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Real: $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Passphrase: ''" >> /home/$MY_USERNAME/gpg-genkey.conf
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
echo $'Generating a new GPG key' echo $'Generating a new GPG key'
su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --passphrase '' --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_EMAIL_ADDRESS") KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_EMAIL_ADDRESS")
if [[ $KEY_EXISTS == "no" ]]; then if [[ $KEY_EXISTS == "no" ]]; then

View File

@ -70,9 +70,10 @@ function configure_backup_key {
echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Name-Comment: backup key" >> /home/$MY_USERNAME/gpg-genkey.conf echo "Name-Comment: backup key" >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Passphrase: ''" >> /home/$MY_USERNAME/gpg-genkey.conf
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
echo $'Backup key does not exist. Creating it.' echo $'Backup key does not exist. Creating it.'
su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --passphrase '' --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME su -m root -c "gpg --homedir /home/$MY_USERNAME/.gnupg --batch --full-gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
shred -zu /home/$MY_USERNAME/gpg-genkey.conf shred -zu /home/$MY_USERNAME/gpg-genkey.conf