Update generate_ssh_Key_and_cert.sh
Allow for up to 3 tries of signing the cert in case of incorrect password entry.
This commit is contained in:
parent
f1ff72a66c
commit
105413e533
1 changed files with 26 additions and 12 deletions
|
@ -150,19 +150,33 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if (( CA_KEY_THROUGH_SSH_AGENT )) && [[ -r "$CA_KEY_PATH" ]]; then
|
if (( CA_KEY_THROUGH_SSH_AGENT )) && [[ -r "$CA_KEY_PATH" ]]; then
|
||||||
|
for ((i=0; i<3; ++i)); do
|
||||||
|
echo 'Signing certificate...'
|
||||||
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
||||||
ssh-keygen -Us "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
ssh-keygen -Us "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
||||||
if (( $? != 0 )); then
|
if (( $? != 0 )); then
|
||||||
echo "ERROR: Failed to sign certificate!"
|
echo "ERROR: Failed to sign certificate!"
|
||||||
|
if (( i >= 2 )); then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
elif [[ -r "$CA_KEY_PATH" ]]; then
|
elif [[ -r "$CA_KEY_PATH" ]]; then
|
||||||
|
for ((i=0; i<3; ++i)); do
|
||||||
|
echo 'Signing certificate...'
|
||||||
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
||||||
ssh-keygen -s "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
ssh-keygen -s "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
||||||
if (( $? != 0 )); then
|
if (( $? != 0 )); then
|
||||||
echo "ERROR: Failed to sign certificate!"
|
echo "ERROR: Failed to sign certificate!"
|
||||||
|
if (( i >= 2 )); then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
else
|
else
|
||||||
echo "ERROR: Invalid settings for CA key!"
|
echo "ERROR: Invalid settings for CA key!"
|
||||||
exit 1
|
exit 1
|
||||||
|
|
Loading…
Reference in a new issue