BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Script for signing keys for BLU keysigning

Subject: [Discuss] Script for signing keys for BLU keysigning
From: gaf at blu.org (Jerry Feldman)
Date: Mon, 26 Sep 2011 18:17:08 -0400
In-reply-to: <CA+h9Qs6dgLu53zYkJQk_J5_4JtOeC2ORRZy0i6oTJDYZgfiZtQ@mail.gmail.com>
References: <CA+h9Qs6rTHUvKWGPw_fjningRDZb5cwz6Q7xeLLcZSqJGv3g3Q@mail.gmail.com> <CAJFsZ=pxRbcwhit-_G0GrT_dQLA+RoDTezLKXcTUZUREL0sT-A@mail.gmail.com> <CA+h9Qs4pd4FDd+u5CwdPbrWGHmM9O4stTSMfwm4mtJ7tY5FXzA@mail.gmail.com> <4E80DCDD.1010707@blu.org> <CA+h9Qs6dgLu53zYkJQk_J5_4JtOeC2ORRZy0i6oTJDYZgfiZtQ@mail.gmail.com>

mailx works just fine.
Possibly one could create an mbox in the drafts folder. But I think thr
bsmtp with either sendmail or mailx works fine.
A couple of things I would like to do is:
1. send key only to the primary email address on the key.
2. send in real time 1 message per recipient/key. The advantage here is
that that the script sends the email rather than writes a shar.
2a. Similar to above except that it sends to all recipients on the key
with 1 call to mailx.
3. There are different versions of the command line email. Make sure the
script works on most Linux distros.
4. Spawn a gpg agent to reduce the number of pass phrases. Not sure
while my running gpg-agent did not work in this context since I have one
running.
5. Don't forget about the script until next year like I did :-)


On 09/26/2011 04:37 PM, John Abreau wrote:
> Suggestions for other options are welcome. One that just occurred to me
> would be to generate an mbox file instead of a bsmtp file. Perhaps the
> mbox file could somehow be passed into an MUA such as Thunderbird
> in such a way as to trick the MUA into sending the batch of messages?
>
> For now, one can just copy and paste the generated messages.With only
> a small handful of keys to be signed, it's a relatively small chore.
>
>
>
> On Mon, Sep 26, 2011 at 4:13 PM, Jerry Feldman <gaf at blu.org> wrote:
>> I still had the scripts of the past few years, but I found on my system,
>> I have sendmail disabled because of port forwarding, and the resulting
>> shar did not work, so the script I am using uses the mailx client.
>>
>> On 09/25/2011 09:36 PM, John Abreau wrote:
>>> Apparently some people didn't receive the attached bash script I had sent
>>> to the list, so I've added it to the BLU website. You can find it at
>>>
>>>     http://blu.org/meetings/2011/09/email-signed-keys.txt
>>>
>>> The script scrapes the BLU website to find the date of the most recent
>>> BLU keysigning party, and uses the first email address it finds on your
>>> signing key as the sender address. The script will walk you through the
>>> process of signing each keyid you specify on the command line, fetching
>>> each key from subkeys.php.net before asking if you want to sign it.
>>> The script then generates a Batch-SMTP shar archive file containing
>>> email messages to send each key to the email addresses found on the
>>> key's uids, after exporting and encrypting the key so that only someone
>>> with access to the corresponding secret key can read the message.
>>>
>>>
>>>
>>> On Sun, Sep 25, 2011 at 8:39 AM, Bill Bogstad <bogstad at pobox.com> wrote:
>>>> Err, I don't use PGP, but I didn't see an attachment at my end.
>>>> Perhaps the list software strips attachments?
>>>>
>>>> Bill Bogstad
>>>>
>>>> On Sun, Sep 25, 2011 at 5:38 AM, John Abreau <jabr at blu.org> wrote:
>>>>> Attached is my bash script for signing keys after a BLU keysigning party.
>>>>> Usage:
>>>>>
>>>>>    email-signed-keys.sh [ --local-user keyid ] keyid keyid keyid ....
>>>>>
>>>>> If you want to sign with a secret key other than your default secret key,
>>>>> use the "--local-user" option.
>>>>>
>>>>> The script prompts you to sign each key listed on the command line,
>>>>> then produces a BSMTP (batch smtp) shar archive to email the
>>>>> signed and encrypted keys to their owners so that only the person
>>>>> who has each secret key can read the corresponding email.
>>>>>
>>>>> To avoid having to retype your pass phrase multiple times, it helps
>>>>> to run gpg-agent to cache the pass phrase.
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> John Abreau / Executive Director, Boston Linux & Unix
>>>>> Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
>>>>> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
>>>>>
>>>>> _______________________________________________
>>>>> Discuss mailing list
>>>>> Discuss at blu.org
>>>>> http://lists.blu.org/mailman/listinfo/discuss
>>>>>
>>>>>
>>>
>>
>> --
>> Jerry Feldman <gaf at blu.org>
>> Boston Linux and Unix
>> PGP key id:3BC1EB90
>> PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90
>>
>> _______________________________________________
>> Discuss mailing list
>> Discuss at blu.org
>> http://lists.blu.org/mailman/listinfo/discuss
>>
>
>


-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90

References:
- [Discuss] Script for signing keys for BLU keysigning
  - From: jabr at blu.org (John Abreau)
- [Discuss] Script for signing keys for BLU keysigning
  - From: jabr at blu.org (John Abreau)
- [Discuss] Script for signing keys for BLU keysigning
  - From: gaf at blu.org (Jerry Feldman)
- [Discuss] Script for signing keys for BLU keysigning
  - From: jabr at blu.org (John Abreau)

Prev by Date: [Discuss] [event] MongoDB Conference in Boston on Oct 3
Next by Date: [Discuss] LVM Re: A really interesting chain of functionality
Previous by thread: [Discuss] Script for signing keys for BLU keysigning
Next by thread: [Discuss] LVM Re: A really interesting chain of functionality
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org