Home Explore Help
Sign In
secstate
/
dotfiles
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: b35f68817e
Branches Tags
dotfiles
/
bin
/
.bin
/
load_keys

load_keys 1.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940 
  1. #!/usr/bin/env bash
    2. 

  2. set -euo pipefail
    3. 

  3. 

  4. PASS_BASE="personal/ssh"
    5. 

  5. STORE_ROOT="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
    6. 

  6. ABS_BASE_PATH="${STORE_ROOT}/${PASS_BASE}"
    7. 

  7. 

  8. # Ensure ssh-agent is running
    9. 

  9. if [[ -z "${SSH_AUTH_SOCK:-}" ]]; then
    10. 

  10.     eval "$(ssh-agent -s)"
    11. 

  11. fi
    12. 

  12. 

  13. # Verify the base path exists
    14. 

  14. if [[ ! -d "$ABS_BASE_PATH" ]]; then
    15. 

  15.   echo "ERROR: Base path not found in pass: $PASS_BASE" >&2
    16. 

  16.   exit 1
    17. 

  17. fi
    18. 

  18. 

  19. # Loop through each identity subdirectory
    20. 

  20. echo -n "Injecting ssh keys "
    21. 

  21. while IFS= read -r dir; do
    22. 

  22.   IDENTITY=$(basename "$dir")
    23. 

  23.   
    24. 

  24.   # Find the latest .gpg file by name (ISO sort)
    25. 

  25.   LATEST_FILE=$(find "$dir" -maxdepth 1 -name "*.gpg" -exec basename {} \; \
    26. 

  26.     | sed 's/\.gpg$//' \
    27. 

  27.     | sort -r \
    28. 

  28.     | head -n 1)
    29. 

  29. 

  30.   if [[ -z "$LATEST_FILE" ]]; then
    31. 

  31.     continue
    32. 

  32.   fi
    33. 

  33. 

  34.   echo -n "."
    35. 

  35.   
    36. 

  36.   # Decrypt and pipe directly to ssh-add
    37. 

  37.   # The '-' tells ssh-add to read the key from standard input (stdin)
    38. 

  38.   pass show "${PASS_BASE}/${IDENTITY}/${LATEST_FILE}" | ssh-add - >/dev/null 2>&1
    39. 

  39. 

  40. done < <(find "$ABS_BASE_PATH" -mindepth 1 -maxdepth 1 -type d)
    41.