#!/bin/sh -eu
+# SYNTAX:
+# DESCRIPTION: envoie sur $local_fqdn la clef OpenPGP utilisée par duplicity(1).
tool=$(readlink -e "${0%/*}/..")
. "$tool"/remote/lib.sh
-gpg --export-options export-reset-subkey-passwd \
- --export-secret-subkeys "backup+$vm_hostname@$vm_domainname" |
-"$tool"/remote/ssh gpg --import -
+uid=backup+"$local_hostname"@"$local_domainname"
+trap_exit () {
+ "$tool"/remote/gpg-preset-passphrase --forget "$uid"
+ }
+trap trap_exit EXIT
+"$tool"/remote/gpg-preset-passphrase --preset "$uid"
+
+"$tool"/remote/gpg \
+ --export-options export-reset-subkey-passwd \
+ --export-secret-subkeys "$uid" |
+"$tool"/remote/ssh backup@"$local_fqdn" gpg --import -