Have a notion of fully trusted vs partially trusted keys.

install.sh

@@ -6,6 +6,7 @@ set errexit
 BASEDIR=${BASEDIR:-$HOME/.skel}
 MINIMAL=${MINIMAL:-0}
 INSTALL_KEYS=${INSTALL_KEYS:-1}
+TRUST_ALL_KEYS=${TRUST_ALL_KEYS:-0}
 INSTALL_PKGS=${INSTALL_PKGS:-$((1 - ${MINIMAL}))}
 
 if [[ ! -d $BASEDIR ]] ; then
@@ -110,7 +111,16 @@ function install_ssh_keys {
   echo 'Installing SSH keys...' >&2
   local AK="${HOME}/.ssh/authorized_keys"
   local key
-  for key in ${BASEDIR}/keys/ssh/* ; do
+  local keydir
+  if (( ${TRUST_ALL_KEYS} )) ; then
+    keydir=${BASEDIR}/keys/ssh
+  else
+    keydir=${BASEDIR}/keys/ssh/trusted
+  fi
+  for key in ${keydir}/* ; do
+    if [[ ! -f ${key} ]] ; then
+      continue
+    fi
     if ssh_key_already_installed "${key}" ; then
       echo "Key `basename ${key}` already installed..." >&2
       continue

keys/ssh/id_rsa_glaptop.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8vQiJn9J2KjNIwX427Zq0gpvD1XdR0j+3gY1DTG1yGU808a001YCw0UTQzaSfRZ0ixWyOiFiZ0UcyZnJlN/dQeIKvxWeIW6T3kjpkjzLiBJbloHT0CvqJoz/VAPuBKH9sVKabZlmufqM3B43XDCDS8UGcxUmHxSFSh4hsqurP+ywI8QsoLz1epiFeUQCqsLG5LZIpthAYDOXtxp6cVoKgosi+zJm7sHG/pIof//WMW1xFCArEQfiWXa3Mv3Ir+geKej3lmWPMZNyGpGVtH9w0VHmzPX6OY02CelUoqe/yQDqZ0SjVKm0WZOHStAep0sxVR7/zHvS36Wk0eSptuenR davidtomaschik@glaptop

keys/ssh/trusted/id_ecdsa_human.pub

@@ -0,0 +1 @@
+../id_ecdsa_human.pub

keys/ssh/trusted/id_rsa_human.pub

@@ -0,0 +1 @@
+../id_rsa_human.pub