geoffrey/dotfiles
geoffrey/dotfiles
1
0
Fork 0
Code Issues 8 Pull requests Releases Activity

Machines again

Browse source
This commit is contained in:
Geoffrey Frogeye 2017-01-14 20:56:42 +01:00
parent 9f57ff3046
commit 5a6ea6f20a
1 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
scripts/machines.sh
View file

@ -74,7 +74,7 @@ function _machines-pubFromCrt {
function _machines-regenKey {
if [[ -e $MACHINES_CONFIG/machines.key || -e $MACHINES_CONFIG/machines.pub || -e $MACHINES_CONFIG/machines.crt ]]; then
echo "Please delete the pem files manually to prove you know what you're doing"
echo "[ERROR] Please delete the pem files manually to prove you know what you're doing."
else
openssl genrsa -out $MACHINES_CONFIG/machines.key 4096
chmod 600 $MACHINES_CONFIG/machines.key
@ -85,8 +85,8 @@ function _machines-regenKey {
}
function _machines-verifyCertificate {
if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error18' | grep 'error' --quiet; then
echo "Invalid certificate"
if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error 18' | grep 'error' --quiet; then
echo "[ERROR] Invalid certificate"
return 1
else
return 0
@ -103,7 +103,7 @@ function _machines-ensurePub {
if [ $? == 1 ]; then
mv $CERT_FILE $MACHINES_CONFIG/machines.crt &> /dev/null
else
echo "Certificate rejected."
echo "[ERROR] Certificate rejected."
return 1
fi
fi
@ -155,7 +155,9 @@ function _machines-updateAkey {
yes | mv $KEY_FILE $MACHINES_HOME/.ssh/authorized_keys &> /dev/null
return 0
else
cat $KEY_FILE
echo "[ERROR] Authorized keys are not properly signed"
rm $KEY_FILE
return 1
fi
}