Not sure why I ever thought this was a good idea.
-ca
-gnupg
-host
-publish
+ca/
+etc/
+gnupg/
+host/
+publish/
*.new
+++ /dev/null
-### -*-sh-*-
-###
-### Configuration for ssh-ca.
-
-###--------------------------------------------------------------------------
-### General configuration.
-
-## General configuration defaults.
-keytypes="rsa:3072 dsa:1024"
-domain="distorted.org.uk"
-cacomment="ssh-ca@$domain"
-validity="-1h:+2d1h"
-publish_target="sys-upload@stratocaster.distorted.org.uk:/var/www/ssh-ca/"
-
-## GnuPG defaults.
-gnupg_key_type=RSA gnupg_key_length=3072
-gnupg_key_realname_prefix="distorted.org.uk "
-gnupg_key_email_domain="$domain"
-
-###--------------------------------------------------------------------------
-### Scope for the CA.
-
-## Domain name.
-scope="*.$domain,*.binswood.org.uk"
-
-## IPv4 addresses.
-for i in 144 145 146 147 148 149; do scope=$scope,"62.49.204.$i"; done
-scope=$scope,"62.49.204.15?"
-for i in 198 199; do scope=$scope,"172.29.$i.*"; done
-scope=$scope,"212.13.198.69,212.13.198.7?"
-scope=$scope,"10.165.27.*"
-
-## IPv6 addresses.
-scope=$scope,"2001:470:1f08:1b98::2,2001:470:1f09:1b98:*"
-scope=$scope,"2001:470:9740:*"
-scope=$scope,"2001:ba8:0:1d9:*,2001:ba8:1d9:*"
-
-###----- That's all, folks --------------------------------------------------
+++ /dev/null
-### GnuPG configuration
-
-## Annoying copyright notice.
-no-greeting
-
-## Algorithm selection
-s2k-cipher-algo AES256
-s2k-digest-algo SHA256
-personal-cipher-preferences AES256 AES TWOFISH 3DES BLOWFISH CAST5
-personal-digest-preferences SHA256 SHA1 RIPEMD160
-personal-compress-preferences ZLIB ZIP
-default-preference-list AES TWOFISH 3DES BLOWFISH CAST5 SHA256 SHA1 RIPEMD160 ZLIB ZIP
+++ /dev/null
-### -*-conf-*-
-
-## Servers.
-ibanez \
- .dmz 62.49.204.153 2001:470:1f09:1b98::9 \
- .unsafe 172.29.199.14 2001:470:9740:1::14
-radius \
- .dmz 62.49.204.146 2001:470:1f09:1b98::2 \
- .unsafe 172.29.199.1 2001:470:9740:1::1 \
- .safe 172.29.199.193 2001:470:9740:4001::1 \
- .untrusted 172.29.198.1 2001:470:9740:8001::1
-roadstar \
- .dmz 62.49.204.147 2001:470:1f09:1b98::3 \
- .unsafe 172.29.199.2 2001:470:9740:1::2
-jem \
- .dmz 62.49.204.148 2001:470:1f09:1b98::4 \
- .unsafe 172.29.199.3 2001:470:9740:1::3
-artist \
- .dmz 62.49.204.149 2001:470:1f09:1b98::5 \
- .unsafe 172.29.199.4 2001:470:9740:1::4 \
- .untrusted 172.29.198.2 2001:470:9740:8001::2
-orange \
- 172.29.199.131 2001:ba8:1d9:6000::3:1
-fender \
- .jump 212.13.198.69 2001:ba8:0:1d9::2 \
- .colo 172.29.199.177 2001:ba8:1d9:2::1
-precision \
- .jump 212.13.198.70 2001:ba8:0:1d9::3 \
- .colo 172.29.199.178 2001:ba8:1d9:2::2
-telecaster tele \
- .jump 212.13.198.71 2001:ba8:0:1d9::4 \
- .colo 172.29.199.179 2001:ba8:1d9:2::3 \
- ftp dyndns
-stratocaster strat \
- .jump 212.13.198.72 2001:ba8:0:1d9::5 \
- .colo 172.29.199.180 2001:ba8:1d9:2::4 \
- git www
-jazz \
- .jump 212.13.198.73 2001:ba8:0:1d9::6 \
- .colo 172.29.199.181 2001:ba8:1d9:2::5 \
- .iodine 172.29.198.129
-jaguar \
- .jump 212.13.198.75 2001:ba8:0:1d9::8
-vampire \
- .dmz 62.49.204.150 2001:470:1f09:1b98::6 \
- .unsafe 172.29.199.5 2001:470:9740:1::5 \
- .safe 172.29.199.194 2001:470:9740:4001::2 \
- .untrusted 172.29.198.3 2001:470:9740:8001::3
-
-## Workstation and occasional guests.
-gibson
-marauder
-invader
-
-## Mobile devices.
-crybaby \
- 172.29.199.129 2001:ba8:1d9:6000::1:1
-terror \
- 172.29.199.130
-haze \
- 172.29.199.132 2001:ba8:1d9:6000::4:1
-
-## Satellite networks.
-@domain binswood.org.uk
-mango \
- 10.165.27.3
~mdw / ssh-ca / commitdiff