implement

2023-04-09 13:42:30 +02:00 · 2023-04-09 13:42:30 +02:00 · 7f8cb29675
commit 7f8cb29675
parent 2c87d22fa2
17 changed files with 379 additions and 47 deletions
--- a/roles/ssh/files/ca.sh
+++ b/roles/ssh/files/ca.sh
@ -0,0 +1,29 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+
+HOSTCAKEY=/root/.ssh/host_ca_key
+USERCAKEY=/root/.ssh/user_ca_key
+
+host() {
+	PUBKEY="$2"
+	HOST="$3"
+
+	echo "$PUBKEY" > /tmp/"$HOST".pub
+	ssh-keygen -h -s "$HOSTCAKEY" -I "$HOST" -n "$HOST" /tmp/"$HOST".pub
+	cat /tmp/"$HOST"-cert.pub
+	rm /tmp/"$HOST"*.pub
+}
+
+user() {
+	PUBKEY="$2"
+	HOST="$3"
+	PRINCIPALS="$4"
+
+	echo "$PUBKEY" > /tmp/"$HOST".pub
+	ssh-keygen -s "$USERCAKEY" -I "$HOST" -n "$HOST","$PRINCIPALS" /tmp/"$HOST".pub
+	cat /tmp/"$HOST"-cert.pub
+	rm /tmp/"$HOST"*.pub
+}
+
+"$1" "$@"