aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
authorKevin Lyda <kevin@ie.suberic.net>2017-01-27 08:42:30 +0000
committerNiall Sheridan <nsheridan@gmail.com>2017-01-27 08:42:30 +0000
commitfe53f90bf0c7fab6cbf5cb019a337e02c6b3ffbf (patch)
treecd7671eca3dbe23133864be719bb48cc0d361615 /cmd
parent450bee5d2e65d7a4e6de2e5d078f15163818c92b (diff)
Add a public_file_prefix option to cashier.conf
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 .
Diffstat (limited to 'cmd')
-rw-r--r--cmd/cashier/main.go16
1 files changed, 10 insertions, 6 deletions
diff --git a/cmd/cashier/main.go b/cmd/cashier/main.go
index 26c6cbf..53deffd 100644
--- a/cmd/cashier/main.go
+++ b/cmd/cashier/main.go
@@ -16,12 +16,13 @@ import (
)
var (
- u, _ = user.Current()
- cfg = pflag.String("config", path.Join(u.HomeDir, ".cashier.conf"), "Path to config file")
- ca = pflag.String("ca", "http://localhost:10000", "CA server")
- keysize = pflag.Int("key_size", 2048, "Key size. Ignored for ed25519 keys")
- validity = pflag.Duration("validity", time.Hour*24, "Key validity")
- keytype = pflag.String("key_type", "rsa", "Type of private key to generate - rsa, ecdsa or ed25519")
+ u, _ = user.Current()
+ cfg = pflag.String("config", path.Join(u.HomeDir, ".cashier.conf"), "Path to config file")
+ ca = pflag.String("ca", "http://localhost:10000", "CA server")
+ keysize = pflag.Int("key_size", 2048, "Key size. Ignored for ed25519 keys")
+ validity = pflag.Duration("validity", time.Hour*24, "Key validity")
+ keytype = pflag.String("key_type", "rsa", "Type of private key to generate - rsa, ecdsa or ed25519")
+ publicFilePrefix = pflag.String("public_file_prefix", "", "Prefix for filename for public key and cert (optional, no default)")
)
func main() {
@@ -58,5 +59,8 @@ func main() {
if err := client.InstallCert(a, cert, priv); err != nil {
log.Fatalln(err)
}
+ if err := client.SavePublicFiles(c.PublicFilePrefix, cert, pub); err != nil {
+ log.Fatalln(err)
+ }
fmt.Println("Credentials added.")
}