trying to improve m-a setup; still not successfully tested.

author Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)

committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)
author Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)
committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)
diff --git a/src/share/ma/setup b/src/share/ma/setup

index 944bb4d8cf139273ecab799380b1781ab0863269..764fdb8080ddc13d8b7b3a885386495302bed174 100644 (file)
--- a/src/share/ma/setup
+++ b/src/share/ma/setup
@@ -45,15 +45,14 @@ EOF
  
         local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21 </dev/urandom | base64))
      
-       if gpg_core --gen-key --batch <<EOF
-Key-Type: RSA
-Key-Length: 2048
-Key-Usage: certify
-Name-Real: $CORE_UID
+       local TMPLOC=$(mktemp -d ${MATMPDIR}/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
+       ssh-keygen -q -b 2048 -t rsa -N'' "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
+
+       # FIXME: pem2openpgp currently sets the A flag and a short
+       # expiration date.  We should set the C flag and no expiration
+       # date.
+       < "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg --import || failure "Could not import new key for Monkeysphere authentication trust core"
  
-%commit
-%echo done
-EOF
         then
             CORE_FPR=$(gpg_core --with-colons --fixed-list-mode --fingerprint --list-secret-key | grep ^fpr: | cut -f10 -d: )
             if [ -z "$CORE_FPR" ] ; then
author	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)
committer	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Sun, 1 Feb 2009 07:52:26 +0000 (02:52 -0500)