Machines again

Geoffrey Frogeye 2017-01-14 20:56:42 +01:00
parent 9f57ff3046
commit 5a6ea6f20a


@ -74,7 +74,7 @@ function _machines-pubFromCrt {
function _machines-regenKey { function _machines-regenKey {
if [[ -e $MACHINES_CONFIG/machines.key || -e $MACHINES_CONFIG/machines.pub || -e $MACHINES_CONFIG/machines.crt ]]; then if [[ -e $MACHINES_CONFIG/machines.key || -e $MACHINES_CONFIG/machines.pub || -e $MACHINES_CONFIG/machines.crt ]]; then
echo "Please delete the pem files manually to prove you know what you're doing" echo "[ERROR] Please delete the pem files manually to prove you know what you're doing."
else else
openssl genrsa -out $MACHINES_CONFIG/machines.key 4096 openssl genrsa -out $MACHINES_CONFIG/machines.key 4096
chmod 600 $MACHINES_CONFIG/machines.key chmod 600 $MACHINES_CONFIG/machines.key
@ -86,7 +86,7 @@ function _machines-regenKey {
function _machines-verifyCertificate { function _machines-verifyCertificate {
if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error 18' | grep 'error' --quiet; then if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error 18' | grep 'error' --quiet; then
echo "Invalid certificate" echo "[ERROR] Invalid certificate"
return 1 return 1
else else
return 0 return 0
@ -103,7 +103,7 @@ function _machines-ensurePub {
if [ $? == 1 ]; then if [ $? == 1 ]; then
mv $CERT_FILE $MACHINES_CONFIG/machines.crt &> /dev/null mv $CERT_FILE $MACHINES_CONFIG/machines.crt &> /dev/null
else else
echo "Certificate rejected." echo "[ERROR] Certificate rejected."
return 1 return 1
fi fi
fi fi
@ -155,7 +155,9 @@ function _machines-updateAkey {
yes | mv $KEY_FILE $MACHINES_HOME/.ssh/authorized_keys &> /dev/null yes | mv $KEY_FILE $MACHINES_HOME/.ssh/authorized_keys &> /dev/null
return 0 return 0
else else
cat $KEY_FILE
echo "[ERROR] Authorized keys are not properly signed" echo "[ERROR] Authorized keys are not properly signed"
rm $KEY_FILE
return 1 return 1
fi fi
} }
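Review bot: In the failure branch of `_machines-updateAkey`, the added `cat $KEY_FILE` writes content that has just failed signature verification straight to the terminal, so control characters in that untrusted file are rendered as-is, and on stdout where it can be mistaken for normal output. If the dump is meant as a debugging aid, make non-printables visible and send it to stderr, e.g. `cat -v -- "$KEY_FILE" >&2`. The cleanup should be quoted and tolerant of a missing file as well: `rm -f -- "$KEY_FILE"`. The `[ERROR]` messages added in the other hunks also go to stdout; appending `>&2` would keep them out of captured output. The function starts outside the hunk, so where `KEY_FILE` is created is not visible here.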