deac
/
ssh-ca
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
105 KiB
Ruby 92.2%
Makefile 7.8%
 
 
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Go to file
Denis Knauf e5a7448c5f init 2 years ago
.gitignore init 2 years ago
Makefile init 2 years ago
README.adoc init 2 years ago
ssh-ca init 2 years ago
ssh-ca.conf init 2 years ago

README.adoc 

Manual installation
===================

* Create user sshca:
+
----
useradd --system --no-user-group --shell /bin/sh --create-home --home-dir /srv/sshca sshca
----

* Create directories:
+
----
install -o sshca -m 0700 -d ~sshca/bin ~sshca/.local ~sshca/.local/sshca ~sshca/.local/sshca/pubs
----

* Copy `ssh-ca` script:
+
----
install -o sshca -m 0700 -t ~sshca/bin ssh-ca
----

* Create `authorized_keys`:
+
----
touch emptyfile
install -o sshca -m 0700 emptyfile ~sshca/.ssh/authorized_keys
rm emptyfile
----

* Create serial-file:
+
----
echo 0 > serial
install -o sshca -m 0600 serial ~sshca/.local/sshca
rm serial
----

* Create CA (no password):
+
----
ssh-keygen -t ed25519 -C "CA" -N '' -f ~sshca/.local/sshca/ca
----