generate-sekey.sh (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | #!/bin/zsh
# macOS-only; can assume zsh
set -euo pipefail
host=$1
pubfile="${HOME}/.ssh/sekey/${host}.pub"
function getKeyForHost () {
host=$1
sekey --list-keys | awk "\$2 == \"$host\" {print \$4}"
}
if [[ -z $(getKeyForHost $host) ]]
then
sekey --generate-keypair $host | { ! grep --invert-match "successfully generated" }
fi
if [[ -f $pubfile ]]
then
echo "Public key ${pubfile} already exists!"
echo "You should probably remove it, as there isn't a matching keypair in the Enclave"
exit 1
fi
keyid=$(getKeyForHost $host)
sekey --export-key $keyid | tee "$pubfile"
|