-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuntrustkey.exp.template
executable file
·116 lines (111 loc) · 3.49 KB
/
untrustkey.exp.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
#!___EXPECTPATH___ -f
#
# This Expect script was generated by autoexpect on Fri Apr 13 08:49:12 2018
# Expect and autoexpect were both written by Don Libes, NIST.
#
# Note that autoexpect does not guarantee a working script. It
# necessarily has to guess about certain things. Two reasons a script
# might fail are:
#
# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet,
# etc.) and devices discard or ignore keystrokes that arrive "too
# quickly" after prompts. If you find your new script hanging up at
# one spot, try adding a short sleep just before the previous send.
# Setting "force_conservative" to 1 (see below) makes Expect do this
# automatically - pausing briefly before sending each character. This
# pacifies every program I know of. The -c flag makes the script do
# this in the first place. The -C flag allows you to define a
# character to toggle this mode off and on.
set targetkey [lindex $argv 0]
send_user "targetkey '$targetkey'\n"
set force_conservative 0 ;# set to 1 to force conservative mode even if
;# script wasn't run conservatively originally
if {$force_conservative} {
set send_slow {1 .1}
proc send {ignore arg} {
sleep .1
exp_send -s -- $arg
}
}
#
# 2) differing output - Some programs produce different output each time
# they run. The "date" command is an obvious example. Another is
# ftp, if it produces throughput statistics at the end of a file
# transfer. If this causes a problem, delete these patterns or replace
# them with wildcards. An alternative is to use the -p flag (for
# "prompt") which makes Expect only look for the last line of output
# (i.e., the prompt). The -P flag allows you to define a character to
# toggle this mode off and on.
#
# Read the man page for more info.
#
# -Don
set timeout 20
spawn /usr/local/bin/gpg --yes --with-colons --fixed-list-mode --with-fingerprint --with-fingerprint --no-default-keyring --no-auto-key-locate --keyring ___KEYRINGDIRPATH___/pubpubring.gpg --secret-keyring ___KEYRINGDIRPATH___/pubsecring.gpg --trustdb-name ___KEYRINGDIRPATH___/pubtrustdb.gpg --edit-key $targetkey
match_max 100000
expect "*gpg> "
send -- "trust\r"
expect "trust\r
pub:*:$targetkey:*\r
*\r
*\r
*\r
*\r
\r
Please decide how far you trust this user to correctly verify other users' keys\r
(by looking at passports, checking fingerprints from different sources, etc.)\r
\r
1 = I don't know or won't say\r
2 = I do NOT trust\r
3 = I trust marginally\r
4 = I trust fully\r
5 = I trust ultimately\r
m = back to the main menu\r
\r
Your decision? "
send -- "2\r"
expect "2\r
\r
pub:*:$targetkey:*\r
*\r
*\r
*\r
*\r
\r
gpg> "
send -- "save\r"
expect eof
spawn ___GPGPATH___ --homedir ___KEYRINGDIRPATH___ --yes --with-colons --fixed-list-mode --with-fingerprint --with-fingerprint --no-default-keyring --no-auto-key-locate --keyring ___KEYRINGDIRPATH___/pubpubring.gpg --secret-keyring ___KEYRINGDIRPATH___/secsecring.gpg --trustdb-name ___KEYRINGDIRPATH___/sectrustdb.gpg --edit-key '$targetkey'
match_max 100000
expect "*gpg> "
send -- "trust\r"
expect "trust\r
pub:*:$targetkey:*\r
*\r
*\r
*\r
*\r
\r
Please decide how far you trust this user to correctly verify other users' keys\r
(by looking at passports, checking fingerprints from different sources, etc.)\r
\r
1 = I don't know or won't say\r
2 = I do NOT trust\r
3 = I trust marginally\r
4 = I trust fully\r
5 = I trust ultimately\r
m = back to the main menu\r
\r
Your decision? "
send -- "2\r"
expect "2\r
\r
pub:*:$targetkey:*\r
*\r
*\r
*\r
*\r
\r
gpg> "
send -- "save\r"
expect eof