Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-13 07:10:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update templates.

Browse Source
This commit is contained in:
Mariano Cano 2019-11-25 19:59:53 -08:00 committed by max furman
parent 4f08a7816f
commit d4071108e1
1 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
pki/templates.go
View File

@ -27,25 +27,39 @@ var SSHTemplates = &templates.SSHTemplates{
// SSHTemplateData contains the data of the default templates used on ssh. // SSHTemplateData contains the data of the default templates used on ssh.
var SSHTemplateData = map[string]string{ var SSHTemplateData = map[string]string{
// include.tpl adds the step ssh config file // include.tpl adds the step ssh config file.
//
// Note: on windows `Include C:\...` is treated as a relative path.
"include.tpl": `Host * "include.tpl": `Host *
Include {{.User.StepPath}}/ssh/config`, {{- if eq .User.GOOS "windows" }}
Include {{ .User.StepPath | replace "\\" "/" | trimPrefix "C:" }}/ssh/config
{{- else }}
Include {{.User.StepPath}}/ssh/config
{{- end }}`,
// config.tpl is the step ssh config file, it includes the Match rule // config.tpl is the step ssh config file, it includes the Match rule and
// and references the step known_hosts file // references the step known_hosts file.
//
// Note: on windows ProxyCommand requires the full path
"config.tpl": `Match exec "step ssh check-host %h" "config.tpl": `Match exec "step ssh check-host %h"
ForwardAgent yes ForwardAgent yes
{{- if .User.User }} {{- if .User.User }}
User {{.User.User}} User {{.User.User}}
{{- end }} {{- end }}
{{- if eq .User.GOOS "windows" }}
UserKnownHostsFile {{.User.StepPath}}\ssh\known_hosts
ProxyCommand C:\Windows\System32\cmd.exe /c step ssh proxycommand %r %h %p
{{- else }}
UserKnownHostsFile {{.User.StepPath}}/ssh/known_hosts UserKnownHostsFile {{.User.StepPath}}/ssh/known_hosts
ProxyCommand step ssh proxycommand %r %h %p`, ProxyCommand step ssh proxycommand %r %h %p
{{- end }}
`,
// known_hosts.tpl authorizes the ssh hosts key // known_hosts.tpl authorizes the ssh hosts key
"known_hosts.tpl": `@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}} "known_hosts.tpl": `@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}}
{{- range .Step.SSH.HostFederatedKeys}} {{- range .Step.SSH.HostFederatedKeys}}
@cert-authority * {{.Type}} {{.Marshal | toString | b64enc}} @cert-authority * {{.Type}} {{.Marshal | toString | b64enc}}
{{- end}} {{- end }}
`, `,
// sshd_config.tpl adds the configuration to support certificates // sshd_config.tpl adds the configuration to support certificates
@ -57,7 +71,7 @@ HostKey /etc/ssh/{{.User.Key}}`,
"ca.tpl": `{{.Step.SSH.UserKey.Type}} {{.Step.SSH.UserKey.Marshal | toString | b64enc}} "ca.tpl": `{{.Step.SSH.UserKey.Type}} {{.Step.SSH.UserKey.Marshal | toString | b64enc}}
{{- range .Step.SSH.UserFederatedKeys}} {{- range .Step.SSH.UserFederatedKeys}}
{{.Type}} {{.Marshal | toString | b64enc}} {{.Type}} {{.Marshal | toString | b64enc}}
{{- end}} {{- end }}
`, `,
} }