craSH · June 27, 2020 23:17
diff --git a/sekey-keygen b/sekey-keygen
 #!/usr/bin/env bash
 # vim: ft=bash
 # A helper script for generating SSH keys in the Macbook Pro's secure enclave with SeKey [https://github.com/sekey/sekey]
 # This file created by craSH [https://github.com/craSH]
 # This work is licensed under a Creative Commons Attribution 4.0 International License [https://creativecommons.org/licenses/by/4.0/]

 # Secure umask - dirs 700, files 600
 umask 077

 # Exit if sekey is not installed
 [[ -x $(which sekey) ]] || exit 1

 # Set key label based on the current username and the only arg to this program, fix it up to not have spaces or stupid characters
 key_label=${USER}-$(echo "$1" | sed -E "s/[[:space:]]+/_/g;s/['\"]//g")
 pubkey_path="${HOME}/.ssh/id_ecdsa-${key_label}.pub"

 # Check if the key label already exists in the secure ecnlave, or if a public key by the same name is already present
 if [[ -e "${pubkey_path}" ]] || sekey --list-keys | grep -qF "${key_label}"; then
 	echo "Public key already exists - refusing to continue"
 	exit 1
 fi

 # Generate a key in the secure enclave with the fixed up key label
 sekey --generate-keypair "${key_label}"

 key_id=$(sekey --list-keys | awk "/${key_label}/ {print \$4}")
 public_key="$(sekey --export-key ${key_id}) ${key_label}_${key_id}"

 # Ensure ~/.ssh exists
 [[ -d "~/.ssh" ]] || mkdir -p "~/.ssh"

 # Write public key
 echo "${public_key}" > "${pubkey_path}"

 echo -e "SeKey ID & Public Key Path: ${key_id}\t${pubkey_path}"
 echo "${public_key}"
	#!/usr/bin/env bash
	# vim: ft=bash
	# A helper script for generating SSH keys in the Macbook Pro's secure enclave with SeKey [https://github.com/sekey/sekey]
	# This file created by craSH [https://github.com/craSH]
	# This work is licensed under a Creative Commons Attribution 4.0 International License [https://creativecommons.org/licenses/by/4.0/]

	# Secure umask - dirs 700, files 600
	umask 077

	# Exit if sekey is not installed
	[[ -x $(which sekey) ]] \|\| exit 1

	# Set key label based on the current username and the only arg to this program, fix it up to not have spaces or stupid characters
	key_label=${USER}-$(echo "$1" \| sed -E "s/[[:space:]]+/_/g;s/['\"]//g")
	pubkey_path="${HOME}/.ssh/id_ecdsa-${key_label}.pub"

	# Check if the key label already exists in the secure ecnlave, or if a public key by the same name is already present
	if [[ -e "${pubkey_path}" ]] \|\| sekey --list-keys \| grep -qF "${key_label}"; then
	echo "Public key already exists - refusing to continue"
	exit 1
	fi

	# Generate a key in the secure enclave with the fixed up key label
	sekey --generate-keypair "${key_label}"

	key_id=$(sekey --list-keys \| awk "/${key_label}/ {print \$4}")
	public_key="$(sekey --export-key ${key_id}) ${key_label}_${key_id}"

	# Ensure ~/.ssh exists
	[[ -d "~/.ssh" ]] \|\| mkdir -p "~/.ssh"

	# Write public key
	echo "${public_key}" > "${pubkey_path}"

	echo -e "SeKey ID & Public Key Path: ${key_id}\t${pubkey_path}"
	echo "${public_key}"