luzifer/cfg
1
0
Fork 0
Code Releases Activity

Add GPG management scripts

Browse source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-08-17 11:52:10 +02:00
parent 3b2005f0aa
commit 92e66d42e0
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
2 changed files with 41 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
bin/cleanup_gpg Executable file
View file

@ -0,0 +1,21 @@
#!/bin/bash
set -euo pipefail
function echo_check() {
echo -n "$1: "
shift
$@ >/dev/null 2>&1 && echo "OK" || echo "FAIL (Command: $@)"
}
# Remove expired and revoked keys
for key in $(gpg2 --list-keys --with-colons | awk -F : '/^pub:[er]/{ print $5 }'); do
echo_check "Removing key ${key}" gpg2 --batch --quiet --delete-keys --yes ${key}
done
# Cleanup remaining keys
for key in $(gpg2 --list-keys --with-colons | awk -F : '/^pub:[^er]/{ print $5 }'); do
echo_check "Cleaning key ${key}" gpg2 --batch --quiet --edit-key ${key} check clean cross-certify save quit
done
# Update keys
echo_check "Updating keys" gpg2 --batch --quiet --refresh-keys

20
bin/list_gpg_trust Executable file
View file

@ -0,0 +1,20 @@
#!/bin/bash
set -euo pipefail
trustmap=(
"unused"
"unused"
"I don't know or won't say"
"I do NOT trust"
"I trust marginally"
"I trust fully"
"I trust ultimately"
)
for trust in $(gpg --export-ownertrust | grep '^[^#]'); do
fp=$(echo "${trust}" | cut -d : -f 1)
score=$(echo "${trust}" | cut -d : -f 2)
echo "# $(gpg --list-keys "${fp}" 2>/dev/null | grep ^uid | head -n1 | sed -E 's/^uid\s+\[[a-z ]+\] //' || echo "Key / UID not found") (${trustmap[score]})"
echo "${trust}"
done