Add proxycommand and new lines to templates.
parent
cf2b9301c0
commit
605d39e4e8
3 changed files with 8 additions and 5 deletions
|
@ -21,11 +21,10 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/smallstep/certificates/authority/provisioner"
|
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/smallstep/certificates/api"
|
"github.com/smallstep/certificates/api"
|
||||||
"github.com/smallstep/certificates/authority"
|
"github.com/smallstep/certificates/authority"
|
||||||
|
"github.com/smallstep/certificates/authority/provisioner"
|
||||||
"github.com/smallstep/cli/config"
|
"github.com/smallstep/cli/config"
|
||||||
"github.com/smallstep/cli/crypto/x509util"
|
"github.com/smallstep/cli/crypto/x509util"
|
||||||
"gopkg.in/square/go-jose.v2/jwt"
|
"gopkg.in/square/go-jose.v2/jwt"
|
||||||
|
|
1
go.sum
1
go.sum
|
@ -91,6 +91,7 @@ github.com/smallstep/certificates v0.14.0-rc.1.0.20191023014154-4669bef8c700/go.
|
||||||
github.com/smallstep/certinfo v0.0.0-20191008000228-b0e530932339/go.mod h1:n4YHPL9hJIyB+N4F2rPBy3mpPxMxTGJP5Pdsyaoc2Ns=
|
github.com/smallstep/certinfo v0.0.0-20191008000228-b0e530932339/go.mod h1:n4YHPL9hJIyB+N4F2rPBy3mpPxMxTGJP5Pdsyaoc2Ns=
|
||||||
github.com/smallstep/cli v0.12.1-0.20191016010425-15911d8625df h1:SSZWKGpaVmKQgTkfaQMnYLS/gYhRVVjvzdE1F9GiffU=
|
github.com/smallstep/cli v0.12.1-0.20191016010425-15911d8625df h1:SSZWKGpaVmKQgTkfaQMnYLS/gYhRVVjvzdE1F9GiffU=
|
||||||
github.com/smallstep/cli v0.12.1-0.20191016010425-15911d8625df/go.mod h1:zGPm8vWCqzvDqkdC1laFJNdIOjNSB8V4qDp68Ny538o=
|
github.com/smallstep/cli v0.12.1-0.20191016010425-15911d8625df/go.mod h1:zGPm8vWCqzvDqkdC1laFJNdIOjNSB8V4qDp68Ny538o=
|
||||||
|
github.com/smallstep/cli v0.13.3 h1:S29UydCtDVy0QQBtGdatq064tnks1/0DYxxnEtNiQpc=
|
||||||
github.com/smallstep/cli v0.14.0-rc.1.0.20191024214139-914a67ed80c2 h1:Q0B9XBAn3KzjZKH3ojxLQolUnHSXuomfFjm+/KbIdpY=
|
github.com/smallstep/cli v0.14.0-rc.1.0.20191024214139-914a67ed80c2 h1:Q0B9XBAn3KzjZKH3ojxLQolUnHSXuomfFjm+/KbIdpY=
|
||||||
github.com/smallstep/cli v0.14.0-rc.1.0.20191024214139-914a67ed80c2/go.mod h1:GoA1cE4YrZRRvVbFlPKJUsMuWHnFBX+R88j1pmpbGgk=
|
github.com/smallstep/cli v0.14.0-rc.1.0.20191024214139-914a67ed80c2/go.mod h1:GoA1cE4YrZRRvVbFlPKJUsMuWHnFBX+R88j1pmpbGgk=
|
||||||
github.com/smallstep/nosql v0.1.1-0.20191009043502-4b26d8029e61 h1:XM3mkHNBc6bEQhrZNEma+iz63xrmRFfCocmAEObeg/s=
|
github.com/smallstep/nosql v0.1.1-0.20191009043502-4b26d8029e61 h1:XM3mkHNBc6bEQhrZNEma+iz63xrmRFfCocmAEObeg/s=
|
||||||
|
|
|
@ -35,13 +35,15 @@ var sshTemplateData = map[string]string{
|
||||||
// and references the step known_hosts file
|
// and references the step known_hosts file
|
||||||
"config.tpl": `Match exec "step ssh check-host %h"
|
"config.tpl": `Match exec "step ssh check-host %h"
|
||||||
ForwardAgent yes
|
ForwardAgent yes
|
||||||
UserKnownHostsFile {{.User.StepPath}}/ssh/known_hosts`,
|
UserKnownHostsFile {{.User.StepPath}}/ssh/known_hosts
|
||||||
|
ProxyCommand step ssh proxycommand %r %h %p`,
|
||||||
|
|
||||||
// known_hosts.tpl authorizes the ssh hosts key
|
// known_hosts.tpl authorizes the ssh hosts key
|
||||||
"known_hosts.tpl": `@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}}
|
"known_hosts.tpl": `@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}}
|
||||||
{{- range .Step.SSH.HostFederatedKeys}}
|
{{- range .Step.SSH.HostFederatedKeys}}
|
||||||
@cert-authority * {{.Type}} {{.Marshal | toString | b64enc}}
|
@cert-authority * {{.Type}} {{.Marshal | toString | b64enc}}
|
||||||
{{- end}}`,
|
{{- end}}
|
||||||
|
`,
|
||||||
|
|
||||||
// sshd_config.tpl adds the configuration to support certificates
|
// sshd_config.tpl adds the configuration to support certificates
|
||||||
"sshd_config.tpl": `TrustedUserCAKeys /etc/ssh/ca.pub
|
"sshd_config.tpl": `TrustedUserCAKeys /etc/ssh/ca.pub
|
||||||
|
@ -52,7 +54,8 @@ HostKey /etc/ssh/{{.User.Key}}`,
|
||||||
"ca.tpl": `{{.Step.SSH.UserKey.Type}} {{.Step.SSH.UserKey.Marshal | toString | b64enc}}
|
"ca.tpl": `{{.Step.SSH.UserKey.Type}} {{.Step.SSH.UserKey.Marshal | toString | b64enc}}
|
||||||
{{- range .Step.SSH.UserFederatedKeys}}
|
{{- range .Step.SSH.UserFederatedKeys}}
|
||||||
{{.Type}} {{.Marshal | toString | b64enc}}
|
{{.Type}} {{.Marshal | toString | b64enc}}
|
||||||
{{- end}}`,
|
{{- end}}
|
||||||
|
`,
|
||||||
}
|
}
|
||||||
|
|
||||||
// getTemplates returns all the templates enabled
|
// getTemplates returns all the templates enabled
|
||||||
|
|
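Review bot: The added `ProxyCommand step ssh proxycommand %r %h %p` line in config.tpl is run by ssh through the user's shell with `%r` and `%h` substituted unquoted, and `step` is resolved through PATH, so the rendered client config depends on ssh rejecting unusual user and host names and on PATH being trusted; the `Match exec` line above it already has the same property for `%h`. If the installer knows where the binary lives, rendering an absolute path here would remove the PATH dependency, though nothing on this page shows a template field for it. The comment above the template still describes only the known_hosts reference; I would extend it with `// and proxies connections through "step ssh proxycommand"`. That comment and the `sshTemplateData` map both start outside the hunk.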