27 lines
593 B
Text
27 lines
593 B
Text
|
#!/bin/bash
|
||
|
set -euo pipefail
|
||
|
IFS=$'\n\t'
|
||
|
|
||
|
host() {
|
||
|
PUBKEY="$2"
|
||
|
HOST="$3"
|
||
|
|
||
|
echo "$PUBKEY" > {{ ssh_ca_dir }}/"$HOST".pub
|
||
|
ssh-keygen -h -s {{ ssh_ca_dir }}/keys/host_ca -I "$HOST" -n "$HOST" {{ ssh_ca_dir }}/"$HOST".pub
|
||
|
cat {{ ssh_ca_dir }}/"$HOST"-cert.pub
|
||
|
rm {{ ssh_ca_dir }}/"$HOST"*.pub
|
||
|
}
|
||
|
|
||
|
user() {
|
||
|
PUBKEY="$2"
|
||
|
HOST="$3"
|
||
|
PRINCIPALS="$4"
|
||
|
|
||
|
echo "$PUBKEY" > {{ ssh_ca_dir }}/"$HOST".pub
|
||
|
ssh-keygen -s {{ ssh_ca_dir }}/keys/user_ca -I "$HOST" -n "$HOST","$PRINCIPALS" {{ ssh_ca_dir }}/"$HOST".pub
|
||
|
cat {{ ssh_ca_dir }}/"$HOST"-cert.pub
|
||
|
rm {{ ssh_ca_dir }}/"$HOST"*.pub
|
||
|
}
|
||
|
|
||
|
"$1" "$@"
|