Progress.

authority/authority.go

@@ -83,8 +83,8 @@ type Authority struct {
 type AuthorityInfo struct {
 	StartTime time.Time
 	RootX509Certs           []*x509.Certificate
-	SSHCAUserCerts          []ssh.PublicKey
+	SSHCAUserPublicKey      []byte
-	SSHCAHostCerts          []ssh.PublicKey
+	SSHCAHostPublicKey      []byte
 }
 
 
@@ -568,13 +568,17 @@ func (a *Authority) GetAdminDatabase() admin.DB {
 }
 
 func (a *Authority) GetAuthorityInfo() *AuthorityInfo {
-	return &AuthorityInfo{
+	ai := &AuthorityInfo{
 		StartTime: a.startTime,
 		RootX509Certs: a.rootX509Certs,
-		SSHCAUserCerts: a.sshCAUserCerts,
-		SSHCAHostCerts: a.sshCAHostCerts,
 	}
-
+	if a.sshCAUserCertSignKey != nil {
+		ai.SSHCAUserPublicKey = ssh.MarshalAuthorizedKey(a.sshCAUserCertSignKey.PublicKey())
+	}
+	if a.sshCAHostCertSignKey != nil {
+		ai.SSHCAHostPublicKey = ssh.MarshalAuthorizedKey(a.sshCAHostCertSignKey.PublicKey())
+	}
+	return ai
 }
 
 // IsAdminAPIEnabled returns a boolean indicating whether the Admin API has

ca/ca.go

@@ -305,11 +305,11 @@ func (ca *CA) Run() error {
 			 sum := sha256.Sum256(crt.Raw)
 			 log.Printf("X.509 Root Fingerprint: %s", hex.EncodeToString(sum[:]))
 		}
-		if ca.config.SSH != nil {
+		if authorityInfo.SSHCAHostPublicKey != nil {
-			log.Printf("SSH Host CA Key: %s\n", ca.config.SSH.HostKey)
+			log.Printf("SSH Host CA Key: %s\n", authorityInfo.SSHCAHostPublicKey)
 		}
-		if ca.config.SSH != nil {
+		if authorityInfo.SSHCAUserPublicKey != nil {
-			log.Printf("SSH User CA Key: %s\n", ca.config.SSH.UserKey)
+			log.Printf("SSH User CA Key: %s\n", authorityInfo.SSHCAUserPublicKey)
 		}
 		log.Printf("Documentation: https://u.step.sm/docs/ca")
 		log.Printf("Community Discord: https://u.step.sm/discord")