## Sign the various host keys.
last=%%%
-echo >&5 "### BEGIN $domain KEYS (generated $date)"
+idomain=$domain
+echo >&5 "### BEGIN $idomain KEYS (generated $date)"
while read line <&3; do
## Ignore comments and empty lines.
## Read the host line.
set -- $line
case "$1" in
- @domain) domain=$2 ;;
+ @domain) domain=$2; continue ;;
@*) echo >&2 "$0: unknown directive \`$1'"; exit 1 ;;
esac
host=$1
for kt in $rawkeytypes; do
if [ ! -f host/$host-$kt.pub ]; then continue; fi
cp host/$host-$kt.pub publish.new/
- ssh-keygen -q -tv00 -sca/ca-$kt \
+ ssh-keygen -q -sca/ca-$kt \
-h -I"$cacomment:$host.$domain" -n$names \
-V$validity \
publish.new/$host-$kt.pub
ssh-keygen -lv -fhost/$host-$kt.pub | sed 's,^,| ,' >&4
done
done
-echo >&5 "### END $domain KEYS"
+echo >&5 "### END $idomain KEYS"
exec 3>&- 4>&- 5>&-
## Sign the list.