Author: Paolo Lulli <paolo@lulli.net>
TODO implement certificates checks
TODO/checkexpiry.txt | 4 +++ TODO/chertrenew.txt | 1 iron/libexec/Makefile.am | 6 ++++ iron/libexec/iron/iron-ssh-ca | 38 ++++++++++++++++++++++++++++++++++ iron/libexec/iron/iron-ssh-ca~ | 32 ++++++++++++++++++++++++++++ iron/libexec/iron/iron-ssh-host | 32 ++++++++++++++++++++++++++++ iron/libexec/iron/iron-ssh-host~ | 29 +++++++++++++++++++++++++ iron/libexec/iron/iron-ssh-user | 38 ++++++++++++++++++++++++++++++++++ iron/libexec/iron/iron-ssh-user~ | 31 +++++++++++++++++++++++++++
diff --git a/TODO/checkexpiry.txt b/TODO/checkexpiry.txt
new file mode 100644
index 0000000000000000000000000000000000000000..f8b7ccce5e67728205a62ba474c57fb0779f1599
--- /dev/null
+++ b/TODO/checkexpiry.txt
@@ -0,0 +1,4 @@
+echo | openssl s_client -servername dev.lulli.net -connect dev.lulli.net:10000 2>/dev/null | openssl x509 -noout -dates
+
+ALSO:
+openssl verify -CAfile /home/paolo/.iron/CA/ca.crt /home/paolo/.iron/dev.lulli.net/certs/paolo@dev.lulli.net/paolo@dev.lulli.net.crt
diff --git a/TODO/chertrenew.txt b/TODO/chertrenew.txt
new file mode 100644
index 0000000000000000000000000000000000000000..387ce8b891e959fed63b36067f6ef9f64f1ef0cf
--- /dev/null
+++ b/TODO/chertrenew.txt
@@ -0,0 +1 @@
+echo | openssl s_client -servername dev.lulli.net -connect dev.lulli.net:10000 2>/dev/null | openssl x509 -noout -dates
diff --git a/iron/libexec/Makefile.am b/iron/libexec/Makefile.am
index b0c2f1dc11a58d24de1cfd37a8be769e778dcc88..7ec1253861104762370c488f36d99bc6bacda10f 100644
--- a/iron/libexec/Makefile.am
+++ b/iron/libexec/Makefile.am
@@ -12,4 +12,8 @@ iron/iron-client\
 iron/iron-service\
 iron/iron-keystore\
 iron/iron-pkcs12\
- iron/iron-debug
+ iron/iron-debug\
+ iron-ssh-host\
+ iron-ssh-user\
+ iron-ssh-ca
+
diff --git a/iron/libexec/iron/iron-ssh-ca b/iron/libexec/iron/iron-ssh-ca
new file mode 100755
index 0000000000000000000000000000000000000000..751559d3acd130c3b58e99a6c6f7c256a593e01e
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-ca
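Review bot: The three new list entries `iron-ssh-host\`, `iron-ssh-user\` and `iron-ssh-ca` lack the `iron/` directory prefix that every other entry in this list carries (`iron/iron-debug\` directly above them), while the scripts themselves are added under `iron/libexec/iron/`, so automake will presumably resolve them one directory up and fail to find them at build or install time. They should read `iron/iron-ssh-host\`, `iron/iron-ssh-user\` and `iron/iron-ssh-ca`. The empty `+` line appended after `iron-ssh-ca` is a stray blank line after the assignment; harmless, but it can be dropped. The variable this list belongs to starts before the hunk.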
@@ -0,0 +1,38 @@
+#! /bin/bash
+# Usage: $iron ssh-ca <host|user> <name>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 2 ];then
+ subject=$1
+ name=$2
+
+ if [ "$subject" = "host" ];then
+ hostname_dir=$RCDIR/hosts/${name}
+ test -d ${hostname_dir} || mkdir -p ${hostname_dir}
+
+ ssh-keygen -t rsa -b 4096 -f "${hostname_dir}/${name}-host-ca" -C "Host CA: $name"
+ exit 0;
+ fi
+
+ if [ "$subject" = "user" ];then
+ user_dir=$RCDIR/users/${name}
+ test -d ${user_dir} || mkdir -p ${user_dir}
+
+ ssh-keygen -t rsa -b 4096 -f "${user_dir}/${name}-user-ca" -C "User CA: $name"
+ exit 0;
+ fi
+
+ echo "Usage: iron ssh-ca <host|user> <name>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-ca <host|user> <name>"
+exit -1
diff --git a/iron/libexec/iron/iron-ssh-ca~ b/iron/libexec/iron/iron-ssh-ca~
new file mode 100644
index 0000000000000000000000000000000000000000..b818d86cbd09186aeac174b13ccc05729cca5eec
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-ca~
@@ -0,0 +1,32 @@
+#! /bin/bash
+# Usage: $iron ssh-ca <host|user> <name>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 2 ];then
+ subject=$1
+ name=$2
+
+ if [ "$subject" = "host" ];then
+ ssh-keygen -t rsa -b 4096 -f "${name}-host-ca" -C "Host CA: $name"
+ exit 0;
+ fi
+
+ if [ "$subject" = "user" ];then
+ ssh-keygen -t rsa -b 4096 -f "${name}-user-ca" -C "Host CA: $name"
+ exit 0;
+ fi
+
+ echo "Usage: iron ssh-ca <host|user> <name>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-ca <host|user> <name>"
+exit -1
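Review bot: The directories that will hold the host and user CA private keys (`$RCDIR`, `${hostname_dir}`, `${user_dir}`) are created with a bare `mkdir -p`, so their mode follows the caller's umask; ssh-keygen protects the key file itself, but the directory holding a CA key should be restricted as well, e.g. `mkdir -p -m 0700 "${hostname_dir}"` (likewise for `$RCDIR` and `${user_dir}`). `name` is spliced into that path with no validation, so a value containing `/` or `..` places the CA outside `$RCDIR`; a guard such as `[[ "$name" =~ ^[A-Za-z0-9._-]+$ ]] || exit 2` before the directory is created closes that. The two `exit -1` usage paths yield status 255 in bash; `exit 2` is the conventional usage-error code. `CURRDIR` and `CURRENT_TSTAMP` are computed and never read.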
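Review bot: This file is an editor backup (`iron-ssh-ca~`, mode 100644) of the script committed just above it and should not be part of the change; the same applies to `iron-ssh-host~` and `iron-ssh-user~` later in this diff. It preserves an older revision that writes the CA key into the current directory and labels the user CA `Host CA: $name`, so the tree now carries two divergent copies of each script. Remove the three `~` files from the commit and add `*~` to `.gitignore` so they cannot be staged again.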
diff --git a/iron/libexec/iron/iron-ssh-host b/iron/libexec/iron/iron-ssh-host
new file mode 100755
index 0000000000000000000000000000000000000000..99ab50da8673e45700c1807fa20f5c31f5aeef07
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-host
@@ -0,0 +1,32 @@
+#! /bin/bash
+# Usage: $iron ssh-host <hostname> <domain>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 2 ];then
+ name=$1
+ domain=$2
+
+ hostname_dir=$RCDIR/hosts/${name}
+ test -d ${hostname_dir} || mkdir -p ${hostname_dir}
+
+ keyname="${name}"
+ keyname_public="${name}.pub"
+ host_ca="${name}-host-ca"
+ ssh-keygen -f ${hostname_dir}/${keyname} -N '' -b 4096 -t rsa
+ ssh-keygen -s ${hostname_dir}/${host_ca} -I ${domain} -h -n ${domain} -V +52w ${hostname_dir}/${keyname_public}
+ exit 0
+
+ echo "Usage: iron ssh-host <hostname> <domain>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-host <hostname> <domain>"
+exit -1
diff --git a/iron/libexec/iron/iron-ssh-host~ b/iron/libexec/iron/iron-ssh-host~
new file mode 100644
index 0000000000000000000000000000000000000000..53432e67c7eb5f38036ddadfbbdb5a92676a7d24
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-host~
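Review bot: The exit status of both `ssh-keygen` calls is discarded and the branch ends in an unconditional `exit 0`, so a missing `${hostname_dir}/${host_ca}` or a refused overwrite still reports success; append `|| exit 1` to each `ssh-keygen` line (or add `set -e` after the shebang). The CA file is resolved as `$RCDIR/hosts/<hostname>/<hostname>-host-ca`, i.e. named after the host being certified, which only works if `iron ssh-ca host` was run with that host's own name — presumably one host CA is meant to sign many hosts, in which case the CA name should be a separate argument (confirm). The certificate's only principal is `${domain}`; if the host is also reached as `${name}`, that name has to be listed in `-n` as well. The `echo "Usage..."` / `exit -1` after `exit 0` is unreachable.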
@@ -0,0 +1,29 @@
+#! /bin/bash
+# Usage: $iron ssh-host <hostname> <domain>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 2 ];then
+ name=$1
+ domain=$2
+
+ keyname="${name}-key"
+ keyname_public="${name}-key.pub"
+ host_ca="${name}-host-ca"
+ ssh-keygen -f ${keyname} -N '' -b 4096 -t rsa
+ ssh-keygen -s ${host_ca} -I ${domain} -h -n ${domain} -V +52w ${keyname_public}
+ exit 0
+
+ echo "Usage: iron ssh-host <hostname> <domain>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-host <hostname> <domain>"
+exit -1
diff --git a/iron/libexec/iron/iron-ssh-user b/iron/libexec/iron/iron-ssh-user
new file mode 100755
index 0000000000000000000000000000000000000000..a3757b1c888f4dcd3407efa957d1502e9dcf28eb
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-user
@@ -0,0 +1,38 @@
+#! /bin/bash
+# Usage: $iron ssh-user <username> <hostname> <accounts_list>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 3 ];then
+ username=$1
+ hostname=$2
+ accounts_list=$3
+
+ #hostname_dir=$RCDIR/hosts/${hostname}
+ #test -d ${hostname_dir} || mkdir -p ${hostname_dir}
+ user_dir=$RCDIR/users/${username}
+ test -d ${user_dir} || mkdir -p ${user_dir}
+
+ email="${username}@${hostname}"
+ keyname="${username}"
+ keyname_public="${username}.pub"
+ user_ca="${username}-user-ca"
+
+ ssh-keygen -f ${user_dir}/${keyname} -b 4096 -t rsa
+ ssh-keygen -s ${user_dir}/$user_ca -I ${email} -n "${accounts_list}" -V +1d ${user_dir}/${keyname_public}
+
+ exit 0
+
+ echo "Usage: iron ssh-user <username> <hostname> <accounts_list>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-user <username> <hostname> <accounts_list>"
+exit -1
diff --git a/iron/libexec/iron/iron-ssh-user~ b/iron/libexec/iron/iron-ssh-user~
new file mode 100644
index 0000000000000000000000000000000000000000..395dc1931c7aa75219fb8af94947df8239c2dbce
--- /dev/null
+++ b/iron/libexec/iron/iron-ssh-user~
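Review bot: The `ssh-keygen -s` line issues the user certificate without a serial number, so it can later be revoked in a KRL only by listing the whole key, never by serial; `CURRENT_TSTAMP` is computed above and never used, and passing it as `-z "${CURRENT_TSTAMP}"` on that line gives each certificate an increasing serial at no cost. As in the sibling scripts, both `ssh-keygen` exit codes are ignored and the branch ends in an unconditional `exit 0`, so a missing `${user_dir}/${user_ca}` still reports success; append `|| exit 1` to both lines or add `set -e`. Generating the user's private key here, on the machine holding the user CA, means the CA operator ends up holding every user's private key; the usual split is for the user to generate the key pair and the CA to sign only the `.pub`, so if that is not intended this script should accept an existing public key instead. The usage `echo` / `exit -1` after `exit 0` is unreachable.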
@@ -0,0 +1,31 @@
+#! /bin/bash
+# Usage: $iron ssh-user <username> <email> <accounts_list>
+# Summary: create ssh CAs for hosts and users
+# Help: This command groups commands used to setup config create an ssh CA
+
+APPNAME="iron"
+CURRDIR=$(pwd)
+
+RCDIR=$HOME/.$APPNAME/ssh
+test -d $RCDIR || mkdir -p $RCDIR
+CURRENT_TSTAMP=$(date '+%Y%m%d%H%M')
+
+if [ "$#" = 2 ];then
+ username=$1
+ domain=$2
+ accounts_list=$3
+
+ keyname="${username}-key"
+ keyname_public="${username}-key.pub"
+ user_ca="${name}-host-ca"
+ ssh-keygen -f ${keyname} -b 4096 -t rsa
+ ssh-keygen -s $user_ca -I ${email} -n ${accounts_list} -V +1d ${keyname_public}
+
+ exit 0
+
+ echo "Usage: iron ssh-user <username> <email> <accounts_list>"
+ exit -1
+fi
+
+echo "Usage: iron ssh-user <username> <email> <accounts_list>"
+exit -1
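Review bot: This is an editor backup (`iron-ssh-user~`, mode 100644) of the script above and should be dropped from the commit together with the other `~` files. Its contents are also internally inconsistent — the branch requires `$# = 2` but reads `$3`, and `user_ca="${name}-host-ca"` and `-I ${email}` reference `$name` and `$email`, which are never assigned here — so if it were ever run it would try to sign with a CA file literally named `-host-ca`. Remove it and add `*~` to `.gitignore`.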