Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-11 07:11:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update templates.

Browse Source
This commit is contained in:
Mariano Cano 2019-11-25 19:59:53 -08:00 committed by max furman
parent 4f08a7816f
commit d4071108e1
1 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
pki/templates.go
View File

@ -27,25 +27,39 @@ var SSHTemplates = &templates.SSHTemplates{
// SSHTemplateData contains the data of the default templates used on ssh.
var SSHTemplateData = map[string]string{
// include.tpl adds the step ssh config file
// include.tpl adds the step ssh config file.
//
// Note: on windows `Include C:\...` is treated as a relative path.
"include.tpl": `Host *
Include {{.User.StepPath}}/ssh/config`,
{{- if eq .User.GOOS "windows" }}
Include {{ .User.StepPath | replace "\\" "/" | trimPrefix "C:" }}/ssh/config
{{- else }}
Include {{.User.StepPath}}/ssh/config
{{- end }}`,
// config.tpl is the step ssh config file, it includes the Match rule
// and references the step known_hosts file
// config.tpl is the step ssh config file, it includes the Match rule and
// references the step known_hosts file.
//
// Note: on windows ProxyCommand requires the full path
"config.tpl": `Match exec "step ssh check-host %h"
ForwardAgent yes
{{- if .User.User }}
{{- if .User.User }}
User {{.User.User}}
{{- end }}
{{- end }}
{{- if eq .User.GOOS "windows" }}
UserKnownHostsFile {{.User.StepPath}}\ssh\known_hosts
ProxyCommand C:\Windows\System32\cmd.exe /c step ssh proxycommand %r %h %p
{{- else }}
UserKnownHostsFile {{.User.StepPath}}/ssh/known_hosts
ProxyCommand step ssh proxycommand %r %h %p`,
ProxyCommand step ssh proxycommand %r %h %p
{{- end }}
`,
// known_hosts.tpl authorizes the ssh hosts key
"known_hosts.tpl": `@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}}
{{- range .Step.SSH.HostFederatedKeys}}
@cert-authority * {{.Type}} {{.Marshal | toString | b64enc}}
{{- end}}
{{- end }}
`,
// sshd_config.tpl adds the configuration to support certificates
@ -57,7 +71,7 @@ HostKey /etc/ssh/{{.User.Key}}`,
"ca.tpl": `{{.Step.SSH.UserKey.Type}} {{.Step.SSH.UserKey.Marshal | toString | b64enc}}
{{- range .Step.SSH.UserFederatedKeys}}
{{.Type}} {{.Marshal | toString | b64enc}}
{{- end}}
{{- end }}
`,
}