Commit | Line | Data |
---|---|---|
a91e8fcb MW |
1 | ### -*-sh-*- |
2 | ### | |
3 | ### Configuration for ssh-ca. | |
4 | ||
5 | ###-------------------------------------------------------------------------- | |
6 | ### General configuration. | |
7 | ||
8 | ## General configuration defaults. | |
9 | keytypes="rsa:3072 dsa:1024" | |
10 | domain="distorted.org.uk" | |
11 | cacomment="ssh-ca@$domain" | |
a29775ac | 12 | validity="-1h:+2d1h" |
50b96dc7 | 13 | publish_target="vampire.distorted.org.uk:/var/www/ssh-ca/" |
a91e8fcb MW |
14 | |
15 | ## GnuPG defaults. | |
16 | gnupg_key_type=RSA gnupg_key_length=3072 | |
17 | gnupg_key_realname_prefix="distorted.org.uk " | |
18 | gnupg_key_email_domain="$domain" | |
19 | ||
20 | ###-------------------------------------------------------------------------- | |
21 | ### Scope for the CA. | |
22 | ||
23 | ## Domain name. | |
24 | scope="*.$domain" | |
25 | ||
26 | ## IPv4 addresses. | |
27 | for i in 144 145 146 147 148 149; do scope=$scope,"62.49.204.$i"; done | |
28 | scope=$scope,"62.49.204.15?" | |
e03e9b8e MW |
29 | for i in 198 199; do scope=$scope,"172.29.$i.*"; done |
30 | scope=$scope,"212.13.198.69,212.13.198.7?" | |
a91e8fcb MW |
31 | |
32 | ## IPv6 addresses. | |
e03e9b8e MW |
33 | scope=$scope,"2001:470:1f08:1b98::2,2001:470:1f09:1b98:*" |
34 | scope=$scope,"2001:470:9740:*" | |
35 | scope=$scope,"2001:ba8:0:1d9:*,2001:ba8:1d9:*" | |
a91e8fcb MW |
36 | |
37 | ###----- That's all, folks -------------------------------------------------- |