#!/bin/sh
# This is an interactive script to set up SKIP keys, etc.
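# Install locations, derived from the ports PREFIX.
# Every helper this script runs is looked up in SKIP_BIN, so PREFIX
# decides which binaries get executed. With PREFIX missing from the
# environment the bare expansion would yield "/etc/skip" and "/bin";
# fall back to /usr/local, the default FreeBSD ports prefix, instead.
# A PREFIX that is set (even to the empty string) is used unchanged.
# NOTE(review): SKIP_ETC is not referenced anywhere else in this script.
SKIP_ETC="${PREFIX-/usr/local}/etc/skip"
SKIP_BIN="${PREFIX-/usr/local}/bin"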
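#######################################
# Ask a yes/no question and read the reply from stdin.
# Arguments: $1 - question text, printed as "$1? [default] "
#            $2 - default answer, used when the reply is an empty line
# Globals:   YESNO, NEWYESNO (written)
# Outputs:   the prompt, and "Please answer y or n." after a reply that
#            is neither "y" nor "n", on stdout
# Returns:   0 if the final answer is "y", 1 otherwise
#######################################
Confirm()
{
  while true; do
    # The default is restored on every round, so each prompt shows $2.
    YESNO="$2"
    printf '%s? [%s] ' "$1" "${YESNO}"
    # read -r keeps backslashes in the reply literal.
    if ! read -r NEWYESNO && [ -z "${NEWYESNO}" ]; then
      # End of input with nothing typed: nobody answered the question.
      # Decline instead of silently taking the default, so a closed or
      # empty stdin can never approve the action, and a default that is
      # neither "y" nor "n" cannot spin this loop forever.
      YESNO="n"
      return 1
    fi
    if [ -n "${NEWYESNO}" ]; then
      YESNO=${NEWYESNO}
    fi
    case "${YESNO}" in
      y|n) break ;;
      *) echo "Please answer y or n." ;;
    esac
  done
  [ "${YESNO}" = "y" ]
}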
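#######################################
# Initialise the three SKIP databases by running, from SKIP_BIN,
# "skipdb init -o", "skipca init -r" and "skiplocal init -o".
# The banner printed by this script warns that proceeding overwrites any
# existing SKIP configuration, so call this only after confirmation.
# Globals:   SKIP_BIN (read)
# Outputs:   one progress line per database on stdout
# Returns:   0 when all three helpers succeed; otherwise the exit status
#            of the first helper that fails (later helpers are not run)
#######################################
init_skip_dbs ()
{
  echo "Initializing SKIP certification database..."
  # The helper path is quoted so a prefix containing whitespace cannot
  # be split into a different command name and arguments.
  "${SKIP_BIN}/skipdb" init -o || return

  echo "Initializing SKIP authorities database..."
  "${SKIP_BIN}/skipca" init -r || return

  echo "Initializing SKIP local identities database..."
  "${SKIP_BIN}/skiplocal" init -o
}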
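#######################################
# Generate the local Diffie-Hellman key pair by running
# "skiplocal keygen" from SKIP_BIN.
# Globals:   SKIP_BIN (read)
# Outputs:   a progress line on stdout
# Returns:   the exit status of skiplocal
# NOTE(review): this script sets no umask before the private key is
# created; where the key is stored and with which permissions is decided
# by skiplocal and is not visible here - confirm it is not left
# readable by other users.
#######################################
generate_key ()
{
  echo "Generating Diffie-Hellman public/private key pair..."
  # Quoted so a prefix containing whitespace still names one executable.
  "${SKIP_BIN}/skiplocal" keygen
}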
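#######################################
# Attach SKIP to the primary network interface by running "skipif -a"
# from SKIP_BIN.
# Globals:   SKIP_BIN (read)
# Outputs:   a progress line on stdout
# Returns:   the exit status of skipif
#######################################
activate_skip ()
{
  echo "Adding SKIP to primary network interface..."
  # Quoted so a prefix containing whitespace still names one executable.
  "${SKIP_BIN}/skipif" -a
}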
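# main()
#
# Print the banner, ask once for confirmation, then run the three setup
# steps in order: database initialisation, key generation, interface
# activation.

# The delimiter is quoted so the banner is printed literally, with no
# parameter or command expansion.
cat << 'xxENDxx'

You now have a chance to:

o Initialize your SKIP databases.
o Generate a Diffie-Hellman public/private key pair.
o Add SKIP to your primary network interface.

Notes:

o If you have an existing working SKIP configuration that
you want to keep, you should choose NOT to proceed.
Proceeding will overwrite any existing SKIP configuration.
o If you choose not to proceed, you will have to initialize
the SKIP certification, authorities, and local identities
databases manually.
o SKIP will be active, but disabled, until you reboot and
enable it manually using the skiphost command as described
in step 5 of doc/INSTALL.

xxENDxx

# This prompt is the only guard in front of the overwrite described in
# the banner. Declining is not an error, hence exit status 0.
Confirm "Do you want to proceed" "y" || exit 0

# Stop at the first step that fails: generating a key on top of
# databases that were not initialised, or attaching SKIP to the
# interface without a key, would leave a half-built configuration that
# looks complete to the operator.
init_skip_dbs || {
  echo "SKIP database initialization failed; stopping." >&2
  exit 1
}
generate_key || {
  echo "SKIP key generation failed; stopping." >&2
  exit 1
}
activate_skip || {
  echo "Adding SKIP to the network interface failed." >&2
  exit 1
}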