# Review notes for this listing of /etc/profile.d/keychain.sh, a login-time
# wrapper that reads ~/.keychainrc and calls keychain to load SSH/GPG keys:
# - The listing's line breaks were lost and it ends mid here-document
#   (`cat > "$HOME/.keychainrc" <`). As a single line, everything after the
#   first `#` is one comment; restore one statement per line before use.
# - `[ "$ACTIVE" != "no" -o "$ACTIVE" == "yes" ]` reduces to `ACTIVE != no`:
#   an unset, empty or misspelled ACTIVE still enables key loading, while the
#   closing comment says the generated default should be inactive. Testing
#   only `[ "$ACTIVE" = "yes" ]` would fail closed.
# - ~/.keychainrc and ~/.keychain/$HOSTNAME-sh[-gpg] are sourced, i.e. run as
#   shell code in the login shell; they should be writable only by their owner.
# - $HOME and $HOSTNAME are unquoted in the `[ -f ... ]` and `source` lines.
#   ${OPTIONS} and ${KEYCHAIN_*_KEYS} are expanded unquoted so that options
#   split and the `*id_dsa`-style globs expand; key paths with spaces break.
# - `which keychain &>/dev/null && (` opens a subshell whose closing `)` is not
#   visible here. NOTE(review): if the agent files are sourced inside that
#   subshell, any variables they set will not reach the login shell - confirm,
#   and prefer an `if command -v keychain >/dev/null 2>&1; then ... fi` guard.
# - `&>`, `==` inside `[ ]` and `source` are bash syntax. NOTE(review):
#   profile.d scripts may also be read by other sh-compatible login shells -
#   confirm for the target system.
# - The DSA and protocol-1 RSA sections cover key types that current OpenSSH
#   treats as obsolete; new setups should not enable them.
# /etc/profile.d/keychain.sh - process keychaining # check for keychain existing, else terminate which keychain &>/dev/null && ( SSH_DIR="$HOME/.ssh" LOAD_KEYS="" ALL_DSA2_KEYS="" ALL_RSA2_KEYS="" ALL_RSA1_KEYS="" KEYCHAIN_SSH_KEYS="" KEYCHAIN_GPG_KEYS="" if [ -f $HOME/.keychainrc ]; then # read in keychain settings source $HOME/.keychainrc # probe whether keychain is activated or not if [ "$ACTIVE" != "no" -o "$ACTIVE" == "yes" ]; then # SSH protocol version 2 dsa keys if [ -n "$DSA2_KEYS" ]; then if [ "$DSA2_KEYS" == "all" ]; then ALL_DSA2_KEYS="$SSH_DIR/*id_dsa" else for dsa2key in "$DSA2_KEYS"; do LOAD_KEYS="$LOAD_KEYS $dsa2key" done fi fi # SSH protocol version 2 rsa keys if [ -n "$RSA2_KEYS" ]; then if [ "$RSA2_KEYS" == "all" ]; then ALL_RSA2_KEYS="$SSH_DIR/*id_rsa" else for rsa2key in "$RSA2_KEYS"; do LOAD_KEYS="$LOAD_KEYS $rsa2key" done fi fi # SSH protocol version 1 rsa keys if [ -n "$RSA1_KEYS" ]; then if [ "$RSA1_KEYS" == "all" ]; then ALL_RSA1_KEYS="$SSH_DIR/*identity" else for rsa1key in "$RSA1_KEYS"; do LOAD_KEYS="$LOAD_KEYS $rsa1key" done fi fi # GPG keys - gpg-agent from gnupg2 required if [ -n "$GPG_KEYS" ]; then KEYCHAIN_GPG_KEYS="$GPG_KEYS" fi # finally run keychain and load keys KEYCHAIN_SSH_KEYS="$ALL_DSA2_KEYS $ALL_RSA2_KEYS $ALL_RSA1_KEYS $LOAD_KEYS" if [ -n "$KEYCHAIN_SSH_KEYS" ]; then keychain ${OPTIONS} ${KEYCHAIN_SSH_KEYS} if [ -f $HOME/.keychain/$HOSTNAME-sh ]; then source $HOME/.keychain/$HOSTNAME-sh else echo "something went wrong with keychain regarding SSH key load" fi fi if [ -n "$KEYCHAIN_GPG_KEYS" ]; then keychain ${OPTIONS} ${KEYCHAIN_GPG_KEYS} if [ -f $HOME/.keychain/$HOSTNAME-sh-gpg ]; then source $HOME/.keychain/$HOSTNAME-sh-gpg else echo "something went wrong with keychain regarding GPG key load" fi fi fi # if no user .keychainrc exists, then create a default one, but set keychain # not active else echo echo "~/.keychainrc missing ..." echo "generating a default one." echo cat > "$HOME/.keychainrc" <