From dcffb01c5b31b5bc9ad8da85099ea8c550aa358c Mon Sep 17 00:00:00 2001
From: Sam Chudnick <sam@chudnick.com>
Date: Sat, 11 Dec 2021 10:08:56 -0500
Subject: Added id-init script and added it to xinitrc. Removed comment from
 xinitrc referencing dwm startup loop that is no longer implemented.

---
 .local/bin/id-init | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100755 .local/bin/id-init

(limited to '.local/bin')

diff --git a/.local/bin/id-init b/.local/bin/id-init
new file mode 100755
index 0000000..82d4a7b
--- /dev/null
+++ b/.local/bin/id-init
@@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# Initalizes various identity management programs
+#
+# Must be run with bash (or probably any other shell that is not narrowly posix-compliant)
+# to use here-string redirection
+#
+# This is a very short script but may require some explanation as to its purpose.
+#
+# I use both KeePassXC and pass for password management. This may seem redundant, and in some
+# aspects it probably is, but for me each program has a purpose that the other cannot fill
+# completely.  Pass is great for programmatic access of passwords because of its use of 
+# gpg-agent, and KeePassXC's integration with ssh-agent is very useful.
+# 
+# This script first caches the passhphrase for the GPG key which allows further use of the
+# key without a prompt for a password - this of course applies to pass as well since it uses
+# the gpg key.  KeePassXC is then opened, which also adds the SSH keys to the ssh-agent.
+#
+# KeePassXC, pass, gpg-agent, and ssh-agent are then all initialized and ready to be 
+# used without any further user input, with just one set of credentials.
+
+
+# Cache passphrase for gpg key in gpg-agent which is stored in KeePassXC
+# Caching the GPG passphrase will allow access to pass without user input
+# 
+# gpg-agent must be started with --allow-preset-passhprase or have it in the config file
+# gpg-preset-passphrase respects gpg-agent's --max-cache-ttl option which defaults to 2 hours
+# you may want to increase that if you want the password to be cached for the whole session
+
+KEYGRIP="$(gpg -K --with-keygrip --with-colons | grep grp | tail -n 1 | cut -d':' -f10)"
+/usr/lib/gnupg/gpg-preset-passphrase --preset $KEYGRIP \
+		<<< "$(keepassxc-cli show $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx -a Password GPG)"
+
+# Open graphical KeePassXC with password stored in pass, now that pass can be accessed
+# without entering credentials for the GPG key
+# This will also add SSH keys to ssh-agent
+
+keepassxc $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx --pw-stdin <<< "$(pass keepassxc)"
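Review bot: Neither secret-fetching command is checked before its output reaches the consumer: if `keepassxc-cli show` or `pass keepassxc` fails, the here-string is just a newline, so `gpg-preset-passphrase` would likely cache an empty passphrase for the keygrip and KeePassXC would be handed an empty password. `$KEYGRIP` and `$XDG_CONFIG_HOME` are also unquoted, and an unset `XDG_CONFIG_HOME` silently resolves to `/keepassxc/Passwords.kdbx`. `grep grp | tail -n 1` matches `grp` anywhere on a line and takes the last keygrip in the whole keyring, which is presumably the intended subkey only when a single key is present. Older bash releases back here-strings with a temporary file, so piping from the `printf` builtin keeps the passphrase off disk and out of argv. The comment's `--allow-preset-passhprase` is misspelled; the gpg-agent option is `--allow-preset-passphrase`.

```shell
db="${XDG_CONFIG_HOME:-$HOME/.config}/keepassxc/Passwords.kdbx"

# select on the record-type field rather than a substring of the whole line
KEYGRIP="$(gpg -K --with-keygrip --with-colons | awk -F: '$1 == "grp" { print $10 }' | tail -n 1)"
[[ -n "$KEYGRIP" ]] || { echo "id-init: no keygrip found" >&2; exit 1; }

# stop before presetting anything if the passphrase lookup failed or came back empty
gpg_pass="$(keepassxc-cli show "$db" -a Password GPG)" || exit 1
[[ -n "$gpg_pass" ]] || { echo "id-init: empty GPG passphrase" >&2; exit 1; }
printf '%s\n' "$gpg_pass" | /usr/lib/gnupg/gpg-preset-passphrase --preset "$KEYGRIP"
unset gpg_pass

# … unchanged: comment block about opening graphical KeePassXC …

db_pass="$(pass keepassxc)" || exit 1
printf '%s\n' "$db_pass" | keepassxc "$db" --pw-stdin
unset db_pass
```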
-- 
cgit v1.2.3