6 ## Check to see whether we're already set up.
8 echo >&2 "$0: already set up: delete ca/ to restart"
12 ## Clear out and recreate the old state directories.
13 rm -rf gnupg ca ca.new publish publish.new
14 mkdir
-m700 gnupg ca.new
16 ## Generate the CA keys.
17 for kt
in $keytypes; do
19 *:*) bits
=-b
${kt#*:} kt
=${kt%:*} ;;
22 ssh-keygen
-fca.new
/ca-
$kt -t
$kt $bits -C
"$cacomment" -N
""
25 ## Generate the GnuPG key.
26 run_gpg
--batch -q
--gen-key
<<EOF
27 %echo Generating key ssh-ca; hold on tight...
28 Key-Type: $gnupg_key_type
29 Key-Length: $gnupg_key_length
30 Name-Real: ${gnupg_key_realname_prefix}ssh-ca
32 Name-Email: ssh-ca@$gnupg_key_email_domain