
@dylanschmittle
Last active September 18, 2021 03:25
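#!/bin/sh
#
# batch-gpg.sh - generate an OpenPGP key set in a throwaway GnuPG home.
#
# Usage:   ./batch-gpg.sh "Full Name" "email@domain.com"
#
# Creates a certify-only RSA-4096 primary key plus sign, encrypt and auth
# subkeys (1 year expiry each), then writes into the current directory:
#   keybase-key.asc      secret subkeys as of the sign subkey (no enc/auth yet)
#   keybase-public.asc   public key
#   <FPR>/secret.asc     full secret key, including the primary
#   <FPR>/secret-sub.asc secret subkeys only
#   <FPR>/public.asc     public key
#   <Name>-<Email>.tar.gz archive of the <FPR> directory
#
# The batch parameter file has no passphrase line, so gpg is expected to
# prompt for it; enter the same passphrase at each prompt.

# Stop at the first failing command and on unset variables, so a failed key
# generation cannot cascade into empty-path mkdir/export calls.
set -eu

# Everything written below is private key material or derived from it:
# create files and directories readable by the owner only.
umask 077

# Check For Args (both the name and the e-mail are required)
if [ $# -lt 2 ]; then
  echo '"./batch-gpg.sh "Full Name" "email@domain.com"'
  echo "same password each prompt"
  exit 1
fi

NAME=$1
EMAIL=$2

# The values are pasted into a line-oriented gpg parameter file; a newline
# inside either one would add extra lines to that file, so refuse it.
nl='
'
case "$NAME$EMAIL" in
  *"$nl"*)
    echo "name and email must not contain newlines" >&2
    exit 1
    ;;
esac

# Make Temp Workspace
GNUPGHOME="$(mktemp -d)"
export GNUPGHOME
chmod 700 "$GNUPGHOME"

# Remove the temporary keyring on every exit path, including failures, so
# secret keys are not left behind in the temp directory.
cleanup() {
  # Best effort: stop the agent bound to the throwaway home so it does not
  # keep running with a cached passphrase. Ignored if gpgconf is unavailable.
  gpgconf --kill gpg-agent >/dev/null 2>&1 || true
  rm -rf -- "${GNUPGHOME:?}"
}
trap cleanup EXIT
# Plain sh does not run the EXIT trap on a signal unless the handler exits.
trap 'exit 1' HUP INT TERM

# Drop Hardened Config (quoted delimiter: the text is written literally)
cat >"$GNUPGHOME/gpg.conf" <<'EOF'
personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
cert-digest-algo SHA512
s2k-digest-algo SHA512
s2k-cipher-algo AES256
charset utf-8
fixed-list-mode
no-comments
no-emit-version
no-greeting
keyid-format 0xlong
list-options show-uid-validity
verify-options show-uid-validity
with-fingerprint
require-cross-certification
no-symkey-cache
use-agent
throw-keyids
EOF

# Create Template inside the temp home rather than as ./master, so it cannot
# clobber an existing file and is removed together with the workspace.
TEMPLATE="$GNUPGHOME/master"
cat >"$TEMPLATE" <<EOF
%echo Generating a basic OpenPGP key
Key-Type: RSA
Key-Length: 4096
Key-Usage: cert
Name-Real: ${NAME}
Name-Email: ${EMAIL}
Expire-Date: 0
%commit
%echo done
EOF

# Batch Create
gpg --batch --generate-key "$TEMPLATE"

# Get the fingerprint and make a folder. The keyring is brand new, so the
# first listed secret key is the one just generated.
FPR=$(gpg --list-options show-only-fpr-mbox --list-secret-keys | awk 'NR == 1 { print $1 }')
if [ -z "$FPR" ]; then
  # The pipeline's status is awk's, so a gpg failure has to be caught here.
  echo "could not determine the fingerprint of the new key" >&2
  exit 1
fi
mkdir -- "$FPR"

# Subkey Generation and Export
gpg --quick-add-key "$FPR" rsa4096 sign 1y
# Exported before the encrypt/auth subkeys exist: this file carries the
# signing subkey only, without the primary secret key.
gpg --armor --export-secret-subkeys "$FPR" > "keybase-key.asc"
gpg --quick-add-key "$FPR" rsa4096 encrypt 1y
gpg --quick-add-key "$FPR" rsa4096 auth 1y
gpg --armor --export-secret-keys "$FPR" > "$FPR/secret.asc"
gpg --armor --export-secret-subkeys "$FPR" > "$FPR/secret-sub.asc"
gpg --armor --export "$FPR" > "$FPR/public.asc"
gpg --armor --export "$FPR" > "keybase-public.asc"

# --gzip so the contents match the .tar.gz name; without it tar writes an
# uncompressed archive. NOTE(review): the archive holds the primary secret
# key and is only as protected as the key passphrase and the file mode.
tar --create --gzip --file "${NAME}-${EMAIL}.tar.gz" -- "$FPR"
gpg -K

# Clean up of the temporary GnuPG home happens in the EXIT trap.
cat <<EOF
If you have keybase installed do this

 gpg --import keybase-public.asc
 gpg --import keybase-key.asc

 keybase signup

After your done importing, get the rest of your keys

 gpg --import $FPR/secret.asc
 gpg --import $FPR/secret-sub.asc

Hide away the archive, delete the folder and files

https://github.com/drduh/YubiKey-Guide
EOF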