REQUIRED_USER_KEY_CAPABILITY=${MONKEYSPHERE_REQUIRED_USER_KEY_CAPABILITY:="a"}
GNUPGHOME_CORE=${MONKEYSPHERE_GNUPGHOME_CORE:="${MADATADIR}/core"}
GNUPGHOME_SPHERE=${MONKEYSPHERE_GNUPGHOME_SPHERE:="${MADATADIR}/sphere"}
+CORE_KEYLENGTH=${MONKEYSPHERE_CORE_KEYLENGTH:="2048"}
# export variables needed in su invocation
export DATE
export GNUPGHOME_CORE
export GNUPGHOME_SPHERE
export GNUPGHOME
+export CORE_KEYLENGTH
# get subcommand
COMMAND="$1"
local TMPLOC=$(mktemp -d "${MATMPDIR}"/tmp.XXXXXXXXXX) || failure "Could not create temporary directory!"
# generate the key with ssh-keygen...
- log debug "generating ssh key..."
- ssh-keygen -q -b 1024 -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
+ log debug "generating ssh key ($CORE_KEYLENGTH bits)..."
+ ssh-keygen -q -b "$CORE_KEYLENGTH" -t rsa -N '' -f "${TMPLOC}/authkey" || failure "Could not generate new key for Monkeysphere authentication trust core"
# and then translate to openpgp encoding and import
# FIXME: pem2openpgp currently sets the A flag and a short
# expiration date. We should set the C flag and no expiration
# date.
- log debug "converting ssh key to pgp key and importing into core..."
+ log debug "converting ssh key to openpgp key and importing into core..."
< "${TMPLOC}/authkey" pem2openpgp "$CORE_UID" | gpg_core --import || failure "Could not import new key for Monkeysphere authentication trust core"
# get fingerprint of core key. should definitely not be empty at this point
export MONKEYSPHERE_MONKEYSPHERE_USER=$(whoami)
export MONKEYSPHERE_CHECK_KEYSERVER=false
export MONKEYSPHERE_LOG_LEVEL=DEBUG
+export MONKEYSPHERE_CORE_KEYLENGTH=1024
export SSHD_CONFIG="$TEMPDIR"/sshd_config
export SOCKET="$TEMPDIR"/ssh-socket
projects / monkeysphere.git / commitdiff