
Exporting PGP Keys over SSH using a script run by Node.JS


I'm trying to export PGP sub keys to a remote machine using this script:

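#!/bin/bash
# Record the remote host key (hashed) so ssh does not prompt interactively.
ssh-keyscan -H "$REMOTE_MACHINE" >> /root/.ssh/known_hosts
# Stream the secret key over ssh and import it on the remote side.
# Expansions are quoted so special characters in the values survive.
gpg2 --verbose --export-secret-key \
    "$EXPORT_THIS_ID" | sshpass -p "$REMOTE_PASS" \
    ssh "$REMOTE_USER@$REMOTE_MACHINE" \
    gpg2 --verbose --import
# Empty known_hosts again once the transfer is done.
echo '' > /root/.ssh/known_hosts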

and am getting a response of:

# host.mynet.lan:22 SSH-2.0-OpenSSH_8.0
# host.mynet.lan:22 SSH-2.0-OpenSSH_8.0
# host.mynet.lan:22 SSH-2.0-OpenSSH_8.0
# host.mynet.lan:22 SSH-2.0-OpenSSH_8.0
# host.mynet.lan:22 SSH-2.0-OpenSSH_8.0
gpg: writing to stdout
gpg: WARNING: nothing exported
Permission denied, please try again.

This is done from a nodejs backend, the script is run using child.spawn and the response is piped to the frontend to be displayed to the user.

I see gpg says writing to stdout, but am not sure where to go from here.


Solution

  • The above script works perfectly. My issue was how I was passing the $REMOTE_PASS variable to the script. For those who come across this, beware of special chars in the password. Encapsulate the pass in "" (inverted commas) if necessary. For security purposes, don't handle passwords like this if the password is highly secret.

    In my case, the password is no longer usable after this initial connection.