remote/iodined-key-send

   1 #!/bin/sh -eu
   2 tool=$(readlink -e "${0%/*}/..")
   3 . "$tool"/remote/lib.sh
   4
   5 install -d -m 700 \
   6  "$tool"/var/sec \
   7  "$tool"/var/sec/iodine
   8 if test ! -e "$tool"/var/sec/iodine/"$local_iodine_ns".pass.gpg
   9  then gpg --encrypt $gpg_options -o "$tool"/var/sec/iodine/"$local_iodine_ns".pass.gpg <<-EOF
  10                 $(stdbuf --output 0 tr -d -c '[:alnum:][:punct:]' <"${random:-/dev/urandom}" | head -c 32)
  11                 EOF
  12  fi
  13
  14 gpg --decrypt ${gpg_options-} "$tool"/var/sec/iodine/"$local_iodine_ns".pass.gpg |
  15 "$tool"/remote/ssh root@"$local_fqdn" '
  16         set -eux
  17         test ! -e /root/.iodined_pass
  18         install -m 400 -o root -g root /dev/stdin \
  19          /root/.iodined_pass
  20  '