summaryrefslogtreecommitdiff
path: root/.local/bin/id-init
diff options
context:
space:
mode:
Diffstat (limited to '.local/bin/id-init')
-rwxr-xr-x.local/bin/id-init38
1 files changed, 38 insertions, 0 deletions
diff --git a/.local/bin/id-init b/.local/bin/id-init
new file mode 100755
index 0000000..82d4a7b
--- /dev/null
+++ b/.local/bin/id-init
@@ -0,0 +1,38 @@
1#!/bin/bash
2#
3# Initalizes various identity management programs
4#
5# Must be run with bash (or probably any other shell that is not narrowly posix-compliant)
6# to use here-string redirection
7#
8# This is a very short script but may require some explanation as to its purpose.
9#
10# I use both KeePassXC and pass for password management. This may seem redundant, and in some
11# aspects it probably is, but for me each program has a purpose that the other cannot fill
12# completely. Pass is great for programmatic access of passwords because of its use of
13# gpg-agent, and KeePassXC's integration with ssh-agent is very useful.
14#
15# This script first caches the passhphrase for the GPG key which allows further use of the
16# key without a prompt for a password - this of course applies to pass as well since it uses
17# the gpg key. KeePassXC is then opened, which also adds the SSH keys to the ssh-agent.
18#
19# KeePassXC, pass, gpg-agent, and ssh-agent are then all initialized and ready to be
20# used without any further user input, with just one set of credentials.
21
22
23# Cache passphrase for gpg key in gpg-agent which is stored in KeePassXC
24# Caching the GPG passphrase will allow access to pass without user input
25#
26# gpg-agent must be started with --allow-preset-passhprase or have it in the config file
27# gpg-preset-passphrase respects gpg-agent's --max-cache-ttl option which defaults to 2 hours
28# you may want to increase that if you want the password to be cached for the whole session
29
30KEYGRIP="$(gpg -K --with-keygrip --with-colons | grep grp | tail -n 1 | cut -d':' -f10)"
31/usr/lib/gnupg/gpg-preset-passphrase --preset $KEYGRIP \
32 <<< "$(keepassxc-cli show $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx -a Password GPG)"
33
34# Open graphical KeePassXC with password stored in pass, now that pass can be accessed
35# without entering credentials for the GPG key
36# This will also add SSH keys to ssh-agent
37
38keepassxc $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx --pw-stdin <<< "$(pass keepassxc)"