Diffstat (limited to '.local/bin/id-init')
-rwxr-xr-x.local/bin/id-init40
1 files changed, 9 insertions, 31 deletions
diff --git a/.local/bin/id-init b/.local/bin/id-init
index 11221c3..72f8cbe 100755
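--- a/.local/bin/id-init
+++ b/.local/bin/id-init
@@ -1,31 +1,9 @@
-#!/bin/bash
-#
-# Initalizes various identity management programs
-#
-# Must be run with bash (or probably any other shell that is not narrowly posix-compliant)
-# to use here-string redirection
-
-# Cache passphrase for gpg key in gpg-agent which is stored in KeePassXC
-# Caching the GPG passphrase will allow access to pass without user input
-#
-# gpg-agent must be started with --allow-preset-passhprase or have it in the config file
-# gpg-preset-passphrase respects gpg-agent's --max-cache-ttl option which defaults to 2 hours
-# you may want to increase that if you want the password to be cached for the whole session
-
-get_pass() {
- continue=1
- while [ $continue -eq 1 ]
- do
- keepassxc-cli show $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx -a Password GPG
- continue=$?
- done
-}
-
-KEYGRIP="$(gpg -K --with-keygrip --with-colons | grep grp | tail -n 1 | cut -d':' -f10)"
-/usr/lib/gnupg/gpg-preset-passphrase --preset $KEYGRIP <<< "$(get_pass)"
-
-# Open graphical KeePassXC with password stored in pass, now that pass can be accessed
-# without entering credentials for the GPG key
-# This will also add SSH keys to ssh-agent
-
-keepassxc $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx --pw-stdin <<< "$(pass keepassxc)"
+#!/bin/sh
+
+tmpfile="$(mktemp)"
+chmod 700 $tmpfile
+echo "pass ssh" > $tmpfile
+export SSH_ASKPASS="$tmpfile"
+export SSH_ASKPASS_REQUIRE="force"
+ssh-add
+rm $tmpfile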
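Review bot: The askpass helper is deleted only by the final `rm`, so if `ssh-add` is interrupted or the script exits early an owner-executable file is left behind in the temp directory; registering `trap 'rm -f -- "$tmpfile"' EXIT` straight after the `mktemp` call would cover those paths. The `mktemp` result is never checked and `$tmpfile` is expanded unquoted in the `chmod`, the redirection and the `rm`, so `tmpfile="$(mktemp)" || exit 1` and `"$tmpfile"` at each use would be safer when TMPDIR is unusual. The helper is written without a `#!` line, so it presumably runs only because the exec of SSH_ASKPASS falls back to the shell; writing `#!/bin/sh` as its first line would make that explicit. The new script also carries no header comment, and one line saying that it loads SSH keys using the passphrase stored in `pass` would replace the documentation this commit removes.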