Lines Matching refs:ktype
88 for ktype in $PLAIN_TYPES ; do
89 verbose "$tid: sign host ${ktype} cert"
91 ${SSHKEYGEN} -q -N '' -t ${ktype} \
92 -f $OBJ/cert_host_key_${ktype} || \
93 fatal "ssh-keygen of cert_host_key_${ktype} failed"
95 $OBJ/cert_host_key_${ktype}.pub || fatal "KRL update failed"
96 cat $OBJ/cert_host_key_${ktype}.pub >> $OBJ/host_revoked_plain
97 case $ktype in
98 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
103 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
104 fatal "couldn't sign cert_host_key_${ktype}"
106 $OBJ/cert_host_key_${ktype}-cert.pub || \
108 cat $OBJ/cert_host_key_${ktype}-cert.pub >> $OBJ/host_revoked_cert
134 for ktype in $PLAIN_TYPES ; do
135 verbose "$tid: host ${ktype} cert connect"
138 echo HostKey $OBJ/cert_host_key_${ktype}
139 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
143 attempt_connect "$ktype basic connect" "yes"
144 attempt_connect "$ktype empty KRL" "yes" \
146 attempt_connect "$ktype KRL w/ plain key revoked" "no" \
148 attempt_connect "$ktype KRL w/ cert revoked" "no" \
150 attempt_connect "$ktype KRL w/ CA revoked" "no" \
152 attempt_connect "$ktype empty plaintext revocation" "yes" \
154 attempt_connect "$ktype plain key plaintext revocation" "no" \
156 attempt_connect "$ktype cert plaintext revocation" "no" \
158 attempt_connect "$ktype CA plaintext revocation" "no" \
164 for ktype in $PLAIN_TYPES ; do
165 test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
166 kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
169 for ktype in $PLAIN_TYPES ; do
170 verbose "$tid: host ${ktype} revoked cert"
173 echo HostKey $OBJ/cert_host_key_${ktype}
174 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
190 for ktype in $PLAIN_TYPES ; do
191 verbose "$tid: host ${ktype} revoked cert"
194 echo HostKey $OBJ/cert_host_key_${ktype}
195 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
216 case $ktype in
217 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
255 for ktype in $PLAIN_TYPES ; do
257 verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
259 ${SSHKEYGEN} -q -N '' -t ${ktype} -f $OBJ/cert_host_key_${ktype} || \
260 fail "ssh-keygen of cert_host_key_${ktype} failed"
261 case $ktype in
262 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
267 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
268 fatal "couldn't sign cert_host_key_${ktype}"
271 cat $OBJ/cert_host_key_${ktype}.pub
275 echo HostKey $OBJ/cert_host_key_${ktype}
276 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub