33 lines
1 KiB
Bash
Executable file
33 lines
1 KiB
Bash
Executable file
#!/bin/bash
|
|
# clean_keyring.sh - clean up all the excess keys
|
|
|
|
# my key should probably be the first secret key listed
|
|
mykey=$(gpg --list-secret-keys | grep '^sec' | cut -c 13-20)
|
|
if [ -z "$mykey" ]; then
|
|
# exit if no key string
|
|
echo "Can't get user's key ID"
|
|
exit 1
|
|
fi
|
|
|
|
# all of the people who have signed my key
|
|
mysigners=$(gpg --list-sigs $mykey | grep '^sig' | cut -c 14-21 | sort -u)
|
|
|
|
# keep all of the signers, plus my key (if I haven't self-signed)
|
|
keepers=$(echo $mykey $mysigners | tr ' ' '\012' | sort -u)
|
|
|
|
# the keepers list in egrep syntax: ^(key|key|…)
|
|
keepers_egrep=$(echo $keepers | sed 's/^/^(/; s/$/)/; s/ /|/g;')
|
|
|
|
# show all the keepers as a comment so this script's output is shell-able
|
|
echo '# Keepers: ' $keepers
|
|
|
|
# everyone who isn't on the keepers list is deleted
|
|
deleters=$(gpg --list-keys | grep '^pub' | cut -c 13-20 | grep -E -v ${keepers_egrep})
|
|
|
|
# echo the command if there are any to delete
|
|
# command is interactive
|
|
if [ -z "$deleters" ]; then
|
|
echo "# Nothing to delete!"
|
|
else
|
|
echo 'gpg --delete-keys' $deleters
|
|
fi
|