2 # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
4 # Monkeysphere authentication keys-for-user subcommand
6 # The monkeysphere scripts are written by:
7 # Jameson Rollins <jrollins@finestructure.net>
8 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 # They are Copyright 2008-2010, and are all released under the GPL,
13 # This command could be run as an sshd AuthorizedKeysCommand to
14 # provide the authorized keys for a user, based on OpenPGP user IDs
15 # listed in the user's authorized_user_ids file.
20 local authorizedUserIDs
23 # get users from command line
26 # path to authorized_user_ids file, translating ssh-style path
28 authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS")
30 # exit if the authorized_user_ids file is empty or does not exist
31 if [ ! -s "$authorizedUserIDs" ] ; then
32 failure "authorized_user_ids file '$authorizedUserIDs' is empty or does not exist."
35 log debug "authorized_user_ids file: $authorizedUserIDs"
37 # check permissions on the authorized_user_ids file path
38 check_key_file_permissions "$uname" "$authorizedUserIDs" || failure
40 GNUPGHOME="$GNUPGHOME_SPHERE"
43 # extract user IDs from authorized_user_ids file
45 for line in $(meat "$authorizedUserIDs") ; do
46 if [[ "$line" =~ ^[[:space:]] ]] ; then
49 printf '%s' "$line" | \
50 su_monkeysphere_user ". ${SYSSHAREDIR}/common; read X; keys_for_userid \"\$X\"" || true