Update generate_ssh_Key_and_cert.sh
Allow for up to 3 tries of signing the cert in case of incorrect password entry.
This commit is contained in:
parent
f1ff72a66c
commit
105413e533
1 changed files with 26 additions and 12 deletions
|
@ -150,19 +150,33 @@ else
|
|||
fi
|
||||
|
||||
if (( CA_KEY_THROUGH_SSH_AGENT )) && [[ -r "$CA_KEY_PATH" ]]; then
|
||||
for ((i=0; i<3; ++i)); do
|
||||
echo 'Signing certificate...'
|
||||
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
||||
ssh-keygen -Us "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
||||
if (( $? != 0 )); then
|
||||
echo "ERROR: Failed to sign certificate!"
|
||||
if (( i >= 2 )); then
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
elif [[ -r "$CA_KEY_PATH" ]]; then
|
||||
for ((i=0; i<3; ++i)); do
|
||||
echo 'Signing certificate...'
|
||||
(( GPG_AGENT_ENABLED )) && gpg-connect-agent updatestartuptty /bye >&/dev/null
|
||||
ssh-keygen -s "$CA_KEY_PATH" -I "$USER_KEY_IDENTIFIER" -V "$USER_KEY_EXPIRE_TIME" -n "$USER_KEY_USER_NAME" "${USER_PUBKEY_NAME}"
|
||||
if (( $? != 0 )); then
|
||||
echo "ERROR: Failed to sign certificate!"
|
||||
if (( i >= 2 )); then
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
else
|
||||
echo "ERROR: Invalid settings for CA key!"
|
||||
exit 1
|
||||
|
|
Loading…
Reference in a new issue