Thanks for the tip Rudolf! I found out that gpg has a --homedir flag to do the obvious. Since gpg builds a database, I cannot simply copy the key.
Knowing that now, I can just create the gpg database via a standard recipe using the native utility package and install the files. -Damien On Tue, May 19, 2020 at 7:01 PM Rudolf J Streif <rudolf.str...@ibeeto.com> wrote: > Hi Damien, > On 5/19/20 7:05 AM, Damien LEFEVRE wrote: > > Hi, > > I've put GnuPG in my image, and I'd like to deploy a set to public and > private keys into the system images. > > How can I do that from recipes? > > You do this with a shell function that is added to > ROOTFS_POSTPROCESS_COMMAND. Here is a script that I use to create SSH keys: > > # Image post-processing to configure sshd > > # Setup ssh key login for these users > SSH_USERS ??= "" > SSH_DISALLOW_PWAUTH ??= "1" > > configure_sshd() { > # disallow password authentication > if [ "${SSH_DIALLOW_PWAUTH}" == "1" ]; then > echo "PasswordAuthentication no" >> > ${IMAGE_ROOTFS}/etc/ssh/sshd_config > fi > > # keys will be stored tmp/deploy/keys > mkdir -p ${DEPLOY_DIR}/keys > > # create the keys for the users > for user in ${SSH_USERS}; do > if [ ! -f ${DEPLOY_DIR}/keys/${user}-sshkey ]; then > /usr/bin/ssh-keygen -t rsa -N '' \ > -f ${DEPLOY_DIR}/keys/${user}-sshkey > fi > > # add public key to authorized_keys for the user > mkdir -p ${IMAGE_ROOTFS}/home/${user}/.ssh > cat ${DEPLOY_DIR}/keys/${user}-sshkey.pub \ > >> ${IMAGE_ROOTFS}/home/${user}/.ssh/authorized_keys > done > } > ROOTFS_POSTPROCESS_COMMAND += "configure_sshd;" > > I have this script as an include file that I included into my image > recipes. > > :rjs > > > Thanks, > -Damien > > > > -- > ----- > Rudolf J Streif > CEO/CTO ibeeto > +1.855.442.3386 x700 > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#49451): https://lists.yoctoproject.org/g/yocto/message/49451 Mute This Topic: https://lists.yoctoproject.org/mt/74325514/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-