Machines again
This commit is contained in:
parent
9f57ff3046
commit
5a6ea6f20a
|
@ -74,7 +74,7 @@ function _machines-pubFromCrt {
|
||||||
|
|
||||||
function _machines-regenKey {
|
function _machines-regenKey {
|
||||||
if [[ -e $MACHINES_CONFIG/machines.key || -e $MACHINES_CONFIG/machines.pub || -e $MACHINES_CONFIG/machines.crt ]]; then
|
if [[ -e $MACHINES_CONFIG/machines.key || -e $MACHINES_CONFIG/machines.pub || -e $MACHINES_CONFIG/machines.crt ]]; then
|
||||||
echo "Please delete the pem files manually to prove you know what you're doing"
|
echo "[ERROR] Please delete the pem files manually to prove you know what you're doing."
|
||||||
else
|
else
|
||||||
openssl genrsa -out $MACHINES_CONFIG/machines.key 4096
|
openssl genrsa -out $MACHINES_CONFIG/machines.key 4096
|
||||||
chmod 600 $MACHINES_CONFIG/machines.key
|
chmod 600 $MACHINES_CONFIG/machines.key
|
||||||
|
@ -86,7 +86,7 @@ function _machines-regenKey {
|
||||||
|
|
||||||
function _machines-verifyCertificate {
|
function _machines-verifyCertificate {
|
||||||
if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error 18' | grep 'error' --quiet; then
|
if openssl verify $MACHINES_CONFIG/machines.crt | grep -v 'error 18' | grep 'error' --quiet; then
|
||||||
echo "Invalid certificate"
|
echo "[ERROR] Invalid certificate"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
return 0
|
return 0
|
||||||
|
@ -103,7 +103,7 @@ function _machines-ensurePub {
|
||||||
if [ $? == 1 ]; then
|
if [ $? == 1 ]; then
|
||||||
mv $CERT_FILE $MACHINES_CONFIG/machines.crt &> /dev/null
|
mv $CERT_FILE $MACHINES_CONFIG/machines.crt &> /dev/null
|
||||||
else
|
else
|
||||||
echo "Certificate rejected."
|
echo "[ERROR] Certificate rejected."
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -155,7 +155,9 @@ function _machines-updateAkey {
|
||||||
yes | mv $KEY_FILE $MACHINES_HOME/.ssh/authorized_keys &> /dev/null
|
yes | mv $KEY_FILE $MACHINES_HOME/.ssh/authorized_keys &> /dev/null
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
|
cat $KEY_FILE
|
||||||
echo "[ERROR] Authorized keys are not properly signed"
|
echo "[ERROR] Authorized keys are not properly signed"
|
||||||
|
rm $KEY_FILE
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue