#!/bin/bash
# Script used to upload your GPG public key to multiple services after a change.
# AUTHOR: Jonathan Cross 0xC0C076132FFA7695 (jonathancross.com)
# LICENSE: WTFPL - https://github.com/jonathancross/jc-docs/blob/master/LICENSE
################################################################################
# YOU MUST CHANGE THE SETTINGS BELOW BEFORE RUNNING #
# Check each of the 3 ENABLE_* options to make sure they are what you want. #
################################################################################
# (required) Your 16 character GPG key ID, written without the leading 0x.
GPG_ID="XXXXXXXXXXXXXXXX"
# The last 8 characters of GPG_ID (the 8 character short key ID).
# You can optionally use this below as needed, e.g. in a file name. Short IDs
# are not unique enough to identify a key, so keep them out of gpg commands.
GPG_ID_SHORT="${GPG_ID: -8}"
# GnuPG command to use: gpg or gpg2.
GPG_COMMAND="gpg2"

# Configure the service(s) where you want to host your key.

# Local export of your public key. (required)
# Change this to match where you want the key backup stored:
#   Example: LOCAL_KEY_FILE=/tmp/${GPG_ID}.asc
#   Example: LOCAL_KEY_FILE=~/Documents/${GPG_ID_SHORT}.asc
# This is the file that gets transferred to your personal server, so prefer a
# directory only your account can write to: in a shared location such as /tmp
# another local user may be able to create or replace the file between the
# export and the upload.
LOCAL_KEY_FILE=~/${GPG_ID}_pub.asc

# Upload to one or more public key servers:
# Change to 0 (zero) to disable.
ENABLE_PUBLIC_KEY_SERVERS=1
# You can add / remove servers as needed.
# NOTE(review): the sks-keyservers.net pool was retired in 2021, so that entry
# is expected to fail, and keys.openpgp.org publishes user IDs only after its
# email verification step. Confirm each entry before relying on it.
PUBLIC_KEY_SERVERS=(
  "hkps://keys.openpgp.org"
  "hkps://pgpkeys.urown.net"
  "hkps://keyserver.ubuntu.com"
  "hkps://hkps.pool.sks-keyservers.net"
  "hkps://pgp.mit.edu"
)

# Do you have a personal website where you want to upload your key?
# This setting will upload your key using scp and the settings below.
# Change to 1 (one) to enable.
ENABLE_PERSONAL_KEY_SERVER=0
# scp login settings:
# Eg: jonathan
PERSONAL_KEY_SERVER_USER="username"
# Eg: example.com
PERSONAL_KEY_SERVER_DOMAIN="example.com"
# Eg: folder name on remote server. The LOCAL_KEY_FILE above will be
# transferred there via scp.
PERSONAL_KEY_SERVER_DEST_FOLDER="webroot/foo"

# Upload your key to Keybase?
# Note: You must have an account on keybase.io and the `keybase` commandline
# program installed on your computer. Test that `keybase login` command works.
# Change to 1 (one) to enable.
ENABLE_KEYBASE=0
################################################################################
# DO NOT MODIFY BELOW THIS LINE #
################################################################################
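# Test config:
# Stop before touching gpg when GPG_ID is still the placeholder or is empty.
# With an empty ID the gpg calls below would run without a key argument, and
# `--export` would then write every public key in the keyring to the file
# that is later uploaded.
if [[ -z "${GPG_ID:-}" || "${GPG_ID}" == "XXXXXXXXXXXXXXXX" ]]; then
  echo "ERROR: Please configure this script with *YOUR* gpg Key ID." >&2
  exit 128
fi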
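# Print the modification date of the file $1 as `ls -l` shows it
# (fields 6-8 of the long listing). The path is quoted so that a
# LOCAL_KEY_FILE containing spaces is handled as one argument.
last_modified() {
  ls -al -- "$1" | awk '{print $6,$7, $8}'
}

# Look at last time the key was exported:
if [[ -f "${LOCAL_KEY_FILE}" ]]; then
  LASTMOD_DATE="$(last_modified "${LOCAL_KEY_FILE}")"
else
  LASTMOD_DATE='[first time]'
fi

echo "
Publishing your key: ${GPG_ID}
"

# Save the new public key to a file:
echo " • Exporting key to file: ${LOCAL_KEY_FILE}"
echo " Last modified: ${LASTMOD_DATE}"

# Confirm GPG_ID is correct: the secret key must be present in the local
# keyring, otherwise nothing is exported or published.
if ! "${GPG_COMMAND}" --list-secret-keys "${GPG_ID}" > /dev/null 2>&1; then
  echo " • ERROR: Could not export key ${GPG_ID}. Aborting." >&2
  exit 128
fi

# Export into a variable first so that a failed or empty export neither
# truncates the previous backup nor leaves an empty file to be uploaded.
if ! KEY_EXPORT="$("${GPG_COMMAND}" --armor --export "${GPG_ID}")" \
    || [[ -z "${KEY_EXPORT}" ]]; then
  echo " • ERROR: Could not export key ${GPG_ID}. Aborting." >&2
  exit 128
fi

if ! printf '%s\n' "${KEY_EXPORT}" > "${LOCAL_KEY_FILE}"; then
  echo " • ERROR: Could not export key ${GPG_ID}. Aborting." >&2
  exit 128
fi

LASTMOD_DATE="$(last_modified "${LOCAL_KEY_FILE}")"
echo " Updated now: ${LASTMOD_DATE}"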
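# Send new public key to personal server:
# Copies LOCAL_KEY_FILE to the configured host with scp. A failed transfer is
# reported but does not stop the remaining uploads; a missing scp binary
# aborts with status 128.
if [[ "${ENABLE_PERSONAL_KEY_SERVER}" == "1" ]]; then
  if command -v scp > /dev/null 2>&1; then
    # Build the destination used by scp
    PERSONAL_KEY_SERVER="${PERSONAL_KEY_SERVER_USER}@${PERSONAL_KEY_SERVER_DOMAIN}:${PERSONAL_KEY_SERVER_DEST_FOLDER}"
    # The destination is passed as data, never as the printf format string.
    printf ' • Sending key to %s... ' "${PERSONAL_KEY_SERVER}"
    if scp -q -- "${LOCAL_KEY_FILE}" "${PERSONAL_KEY_SERVER}/"; then
      echo " DONE."
    else
      # Previously a failed copy was silent; say so explicitly so a stale key
      # on the server is not mistaken for a fresh one.
      echo " FAILED." >&2
    fi
  else
    echo " • ERROR: Could not find 'scp' in your PATH." >&2
    exit 128
  fi
fi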
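# Send key to Keybase.io:
# Runs `keybase pgp update` when enabled. A failed update is reported but
# does not stop the remaining uploads; a missing keybase binary aborts with
# status 128.
if [[ "${ENABLE_KEYBASE}" == "1" ]]; then
  if command -v keybase > /dev/null 2>&1; then
    echo " • Sending key to keybase.io..."
    if ! keybase pgp update; then
      echo " • ERROR: 'keybase pgp update' failed." >&2
    fi
  else
    echo " • ERROR: Could not find 'keybase' in your PATH." >&2
    exit 128
  fi
fi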
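# Send keys to public keyserver:
# Tries every server in PUBLIC_KEY_SERVERS in turn. One unreachable server
# does not stop the others, but each failure is reported so a partial
# publication is visible.
if [[ "${ENABLE_PUBLIC_KEY_SERVERS}" == "1" ]]; then
  for S in "${PUBLIC_KEY_SERVERS[@]}"; do
    printf '%s' " • "
    if ! "${GPG_COMMAND}" --keyid-format long --keyserver "${S}" --send-key "${GPG_ID}"; then
      echo " • ERROR: Could not send key ${GPG_ID} to ${S}." >&2
    fi
  done
fi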