From f57f273519f0abfbd74dd45b4095bf48a1df9790 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 27 Oct 2016 14:21:37 +0100 Subject: [PATCH] Optionally recover keys from a master keydrive during interactive install --- src/freedombone-config | 1 + src/freedombone-utils-keys | 33 +++++++++++++++++++++++++++++---- 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/src/freedombone-config b/src/freedombone-config index ece73231..22391792 100755 --- a/src/freedombone-config +++ b/src/freedombone-config @@ -1067,6 +1067,7 @@ function interactive_config { choose_dynamic_dns choose_default_domain_name choose_email_address + interactive_key_recovery # delete the temporary configuration file if [ -f temp.cfg ]; then diff --git a/src/freedombone-utils-keys b/src/freedombone-utils-keys index 88dda59c..01c3dac9 100755 --- a/src/freedombone-utils-keys +++ b/src/freedombone-utils-keys @@ -126,10 +126,19 @@ function interactive_gpg_from_usb { fi fi + if [ -d $GPG_USB_MOUNT/letsencrypt ]; then + if [ ! -d /etc/letsencrypt ]; then + mkdir /etc/letsencrypt + fi + echo $'Recovering LetsEncrypt keys' + cp -r $GPG_USB_MOUNT/letsencrypt/* /etc/letsencrypt + fi + if [ -d $GPG_USB_MOUNT/.gnupg ]; then if [ ! -d $HOME_DIR/.gnupg ]; then mkdir $HOME_DIR/.gnupg fi + echo $'Recovering GPG keys' cp -r $GPG_USB_MOUNT/.gnupg/* $HOME_DIR/.gnupg GPG_LOADING="no" dialog --title $"Recover Encryption Keys" \ @@ -170,14 +179,14 @@ function interactive_gpg_from_remote { ${PROJECT_NAME}-remote -u $MY_USERNAME -l $REMOTE_SERVERS_LIST -t "Remote server" if [ ! -f $REMOTE_SERVERS_LIST ]; then - dialog --title $"Encryption keys" --msgbox $'Error obtaining server list' 6 70 + dialog --title $"Encryption Keys Recovery" --msgbox $'Error obtaining server list' 6 70 return 1 fi # check the number of entries in the file no_of_servers=$(cat $REMOTE_SERVERS_LIST | wc -l) if (( no_of_servers < 3 )); then - dialog --title $"Encryption keys" \ + dialog --title $"Encryption Keys Recovery" \ --msgbox $'There must be at least three servers to recover the key' 6 70 return 2 fi @@ -186,11 +195,11 @@ function interactive_gpg_from_remote { apt-get -yq install libgfshare-bin gnupg ${PROJECT_NAME}-recoverkey -u $MY_USERNAME -l $REMOTE_SERVERS_LIST if [ ! "$?" = "0" ]; then - dialog --title $"Encryption keys" --msgbox $'Your key could not be recovered' 6 70 + dialog --title $"Encryption Keys Recovery" --msgbox $'Your key could not be recovered' 6 70 return 3 fi - dialog --title $"Encryption keys" --msgbox $'Your key has been recovered' 6 70 + dialog --title $"Encryption Keys Recovery" --msgbox $'Your key has been recovered' 6 70 return 0 } @@ -227,4 +236,20 @@ function interactive_gpg { done } +function interactive_key_recovery { + data=$(tempfile 2>/dev/null) + trap "rm -f $data" 0 1 2 5 15 + + dialog --title $"Encryption Keys Recovery" \ + --backtitle $"Freedombone Configuration" \ + --defaultno \ + --yesno $"Do you wish to recover your previous encryption keys from a USB master keydrive?" 7 60 + sel=$? + case $sel in + 1) return;; + 255) return;; + esac + ${PROJECT_NAME}-recoverkey -u $MY_USERNAME +} + # NOTE: deliberately there is no "exit 0"