Commit | Line | Data |
---|---|---|
a91e8fcb MW |
1 | ### -*-sh-*- |
2 | ### | |
3 | ### Configuration for ssh-ca. | |
4 | ||
5 | ###-------------------------------------------------------------------------- | |
6 | ### General configuration. | |
7 | ||
8 | ## General configuration defaults. | |
9 | keytypes="rsa:3072 dsa:1024" | |
10 | domain="distorted.org.uk" | |
11 | cacomment="ssh-ca@$domain" | |
cec686c0 | 12 | validity="-1d:+2d1h" |
50b96dc7 | 13 | publish_target="vampire.distorted.org.uk:/var/www/ssh-ca/" |
a91e8fcb MW |
14 | |
15 | ## GnuPG defaults. | |
16 | gnupg_key_type=RSA gnupg_key_length=3072 | |
17 | gnupg_key_realname_prefix="distorted.org.uk " | |
18 | gnupg_key_email_domain="$domain" | |
19 | ||
20 | ###-------------------------------------------------------------------------- | |
21 | ### Scope for the CA. | |
22 | ||
23 | ## Domain name. | |
24 | scope="*.$domain" | |
25 | ||
26 | ## IPv4 addresses. | |
27 | for i in 144 145 146 147 148 149; do scope=$scope,"62.49.204.$i"; done | |
28 | scope=$scope,"62.49.204.15?" | |
29 | for i in 198 199; do scope=$scope,"172.29.198.*,172.29.199.*"; done | |
30 | ||
31 | ## IPv6 addresses. | |
32 | scope=$scope,"2001:470:1f09:1b98:*,2001:470:9740:*" | |
33 | ||
34 | ###----- That's all, folks -------------------------------------------------- |