mdw@git.distorted.org.uk Git - ssh-ca/blob - bin/setup

   1 #! /bin/sh
   2
   3 set -e
   4 . lib/func.sh
   5
   6 ## Check to see whether we're already set up.
   7 if [ -d ca ]; then
   8   echo >&2 "$0: already set up: delete ca/ to restart"
   9   exit 1
  10 fi
  11
  12 ## Clear out and recreate the old state directories.
  13 rm -rf gnupg ca ca.new publish publish.new
  14 mkdir -m700 gnupg ca.new
  15
  16 ## Generate the CA keys.
  17 for kt in $keytypes; do
  18   case $kt in
  19     *:*) bits=-b${kt#*:} kt=${kt%:*} ;;
  20     *) bits= ;;
  21   esac
  22   ssh-keygen -fca.new/ca-$kt -t$kt $bits -C"$cacomment" -N ""
  23 done
  24
  25 ## Generate the GnuPG key.
  26 run_gpg --batch -q --gen-key <<EOF
  27 %echo Generating key ssh-ca; hold on tight...
  28 Key-Type: $gnupg_key_type
  29 Key-Length: $gnupg_key_length
  30 Name-Real: ${gnupg_key_realname_prefix}ssh-ca
  31 Name-Comment: ssh-ca
  32 Name-Email: ssh-ca@$gnupg_key_email_domain
  33 EOF
  34
  35 ## Done.
  36 mv ca.new ca