u
@@ -2,78 +2,90 @@
|
||||
|
||||
# klevstul :: 24.06
|
||||
|
||||
# how to backup gpg:
|
||||
# gpg --export --export-options backup --output public.gpg frode@thisworld.is
|
||||
# gpg --export-secret-keys --export-options backup --output private.gpg frode@thisworld.is
|
||||
# ref: https://www.howtogeek.com/816878/how-to-back-up-and-restore-gpg-keys-on-linux/
|
||||
|
||||
this_file_name=`basename "$0"`
|
||||
echo "$this_file_name"
|
||||
|
||||
# location of ssh keys
|
||||
syncdir_env_var=SYNCDIR_${HOSTNAME}
|
||||
src_gnupg_dir=${!syncdir_env_var}/secrets/.gnupg
|
||||
trg_gnupg_dir=~/.gnupg
|
||||
src_gnupg_dir=${!syncdir_env_var}/secrets/gnupg
|
||||
|
||||
echo "\$SYNCDIR_${HOSTNAME}=${!syncdir_env_var}"
|
||||
echo "src_gnupg_dir: ${src_gnupg_dir}"
|
||||
gpg --import ${src_gnupg_dir}/public.gpg
|
||||
gpg --import ${src_gnupg_dir}/private.gpg
|
||||
|
||||
if ! [[ -d ${src_gnupg_dir} ]]; then
|
||||
echo "error: non-existing directory '${src_gnupg_dir}'" >&2; exit 1
|
||||
fi
|
||||
gpg --list-secret-keys --keyid-format LONG
|
||||
|
||||
if ! [[ -d "$trg_gnupg_dir" ]]; then
|
||||
echo "creating non-existing target dir '${trg_gnupg_dir}'."
|
||||
mkdir -p ${trg_gnupg_dir}
|
||||
fi
|
||||
|
||||
the_file=trustdb.gpg
|
||||
if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
|
||||
echo "deploy ${the_file}"
|
||||
cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
else
|
||||
echo "${the_file} already exist in ${trg_gnupg_dir}"
|
||||
fi
|
||||
|
||||
the_file=pubring.kbx
|
||||
if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
|
||||
echo "deploy ${the_file}"
|
||||
cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
else
|
||||
echo "${the_file} already exist in ${trg_gnupg_dir}"
|
||||
fi
|
||||
|
||||
the_directory=openpgp-revocs.d
|
||||
if ! [[ -d ${trg_gnupg_dir}/${the_directory} ]]; then
|
||||
echo "deploy ${the_directory}"
|
||||
cp -r ${src_gnupg_dir}/${the_directory} ${trg_gnupg_dir}
|
||||
else
|
||||
echo "${the_directory} already exist in ${trg_gnupg_dir}"
|
||||
fi
|
||||
|
||||
the_file=private-keys-v1.d.7z.gpg
|
||||
if ! [[ -d ${trg_gnupg_dir}/private-keys-v1.d ]]; then
|
||||
echo "deploy private-keys-v1.d"
|
||||
cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
else
|
||||
echo
|
||||
echo "ERROR: directory 'private-keys-v1.d' already exist in ${trg_gnupg_dir}"
|
||||
echo "rename or delete existing directory and try again (backup the content if needed)."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "do you want to unpack and decrypt ${the_file}? (y/n)"
|
||||
read user_input
|
||||
|
||||
if [[ ${user_input} == "y" ]]; then
|
||||
echo "yes"
|
||||
echo "please, remember the hint: poq.l2"
|
||||
gpg -d ${trg_gnupg_dir}/${the_file} > ${trg_gnupg_dir}/private-keys-v1.d.7z
|
||||
7za x ${trg_gnupg_dir}/private-keys-v1.d.7z -o${trg_gnupg_dir}
|
||||
chmod 0600 ${trg_gnupg_dir}/private-keys-v1.d/* # private keys should not be accessible by other users
|
||||
|
||||
trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z.gpg
|
||||
trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z
|
||||
else
|
||||
echo "no worries. you can manually unpack and decrypt the file, if needed:"
|
||||
echo "gpg -d private-keys-v1.d.7z.gpg > private-keys-v1.d.7z"
|
||||
echo "7za x -private-keys-v1.d.7z"
|
||||
fi
|
||||
|
||||
echo "${trg_gnupg_dir}:"
|
||||
ls -al ${trg_gnupg_dir}
|
||||
#trg_gnupg_dir=~/.gnupg
|
||||
#
|
||||
#echo "\$SYNCDIR_${HOSTNAME}=${!syncdir_env_var}"
|
||||
#echo "src_gnupg_dir: ${src_gnupg_dir}"
|
||||
#
|
||||
#if ! [[ -d ${src_gnupg_dir} ]]; then
|
||||
# echo "error: non-existing directory '${src_gnupg_dir}'" >&2; exit 1
|
||||
#fi
|
||||
#
|
||||
#if ! [[ -d "$trg_gnupg_dir" ]]; then
|
||||
# echo "creating non-existing target dir '${trg_gnupg_dir}'."
|
||||
# mkdir -p ${trg_gnupg_dir}
|
||||
#fi
|
||||
#
|
||||
#the_file=trustdb.gpg
|
||||
#if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
|
||||
# echo "deploy ${the_file}"
|
||||
# cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
#else
|
||||
# echo "${the_file} already exist in ${trg_gnupg_dir}"
|
||||
#fi
|
||||
#
|
||||
#the_file=pubring.kbx
|
||||
#if ! [[ -f ${trg_gnupg_dir}/${the_file} ]]; then
|
||||
# echo "deploy ${the_file}"
|
||||
# cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
#else
|
||||
# echo "${the_file} already exist in ${trg_gnupg_dir}"
|
||||
#fi
|
||||
#
|
||||
#the_directory=openpgp-revocs.d
|
||||
#if ! [[ -d ${trg_gnupg_dir}/${the_directory} ]]; then
|
||||
# echo "deploy ${the_directory}"
|
||||
# cp -r ${src_gnupg_dir}/${the_directory} ${trg_gnupg_dir}
|
||||
#else
|
||||
# echo "${the_directory} already exist in ${trg_gnupg_dir}"
|
||||
#fi
|
||||
#
|
||||
#the_file=private-keys-v1.d.7z.gpg
|
||||
#if ! [[ -d ${trg_gnupg_dir}/private-keys-v1.d ]]; then
|
||||
# echo "deploy private-keys-v1.d"
|
||||
# cp ${src_gnupg_dir}/${the_file} ${trg_gnupg_dir}
|
||||
#else
|
||||
# echo
|
||||
# echo "ERROR: directory 'private-keys-v1.d' already exist in ${trg_gnupg_dir}"
|
||||
# echo "rename or delete existing directory and try again (backup the content if needed)."
|
||||
# exit 1
|
||||
#fi
|
||||
#
|
||||
#echo "do you want to unpack and decrypt ${the_file}? (y/n)"
|
||||
#read user_input
|
||||
#
|
||||
#if [[ ${user_input} == "y" ]]; then
|
||||
# echo "yes"
|
||||
# echo "please, remember the hint: poq.l2"
|
||||
# gpg -d ${trg_gnupg_dir}/${the_file} > ${trg_gnupg_dir}/private-keys-v1.d.7z
|
||||
# 7za x ${trg_gnupg_dir}/private-keys-v1.d.7z -o${trg_gnupg_dir}
|
||||
# chmod 0600 ${trg_gnupg_dir}/private-keys-v1.d/* # private keys should not be accessible by other users
|
||||
#
|
||||
# trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z.gpg
|
||||
# trash-put ${trg_gnupg_dir}/private-keys-v1.d.7z
|
||||
#else
|
||||
# echo "no worries. you can manually unpack and decrypt the file, if needed:"
|
||||
# echo "gpg -d private-keys-v1.d.7z.gpg > private-keys-v1.d.7z"
|
||||
# echo "7za x -private-keys-v1.d.7z"
|
||||
#fi
|
||||
#
|
||||
#echo "${trg_gnupg_dir}:"
|
||||
#ls -al ${trg_gnupg_dir}
|
||||
#
|
||||
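Review bot: The two `gpg --import` lines appear to run with no guard on the source path, because the `-d ${src_gnupg_dir}` check seems to survive only in the commented-out block (the +/- markers are lost in this rendering, so this is inferred from the line order). If `SYNCDIR_${HOSTNAME}` is unset, `${!syncdir_env_var}` expands to nothing and the script would try to import key material from `/secrets/gnupg/` at the filesystem root. I would put the check back ahead of the imports and quote the expansions, e.g. `[[ -n "${!syncdir_env_var}" && -d "${src_gnupg_dir}" ]] || { echo "error: non-existing directory '${src_gnupg_dir}'" >&2; exit 1; }` followed by `gpg --import "${src_gnupg_dir}/private.gpg"`. The commented-out block also keeps the passphrase hint line in the repository; deleting the dead code instead of commenting it out would remove that.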