mirror of
https://gitlab.com/mfocko/rpms.git
synced 2024-12-27 06:41:28 +01:00
sshd-mf: add RPM for configuring sshd with HC Vault
Signed-off-by: Matej Focko <me@mfocko.xyz>
This commit is contained in:
parent
88a3f7eaf5
commit
0ba1449494
3 changed files with 39 additions and 0 deletions
1
sshd-mf/90-mf-ca.conf
Normal file
1
sshd-mf/90-mf-ca.conf
Normal file
|
@ -0,0 +1 @@
|
|||
TrustedUserCAKeys /etc/ssh/sshd_config.d/trusted-user-ca-keys.pem
|
37
sshd-mf/sshd-mf.spec
Normal file
37
sshd-mf/sshd-mf.spec
Normal file
|
@ -0,0 +1,37 @@
|
|||
Name: sshd-mf
|
||||
Version: 0.1
|
||||
Release: 1%{?dist}
|
||||
Summary: SSHD configuration that allows logging in via signed SSH certificates
|
||||
License: MIT
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
|
||||
%description
|
||||
Configuration files for ssh server that allow logging in via signed SSH certificates
|
||||
provided by mf's HashiCorp Vault instance.
|
||||
|
||||
%prep
|
||||
%autosetup
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/ssh/sshd_config.d
|
||||
|
||||
install -m 600 trusted-user-ca-keys.pem %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/
|
||||
install -m 600 90-mf-ca.conf %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/
|
||||
|
||||
%post
|
||||
if [ -d /run/systemd ]; then
|
||||
systemctl restart sshd
|
||||
fi
|
||||
|
||||
%postun
|
||||
if [ -d /run/systemd ]; then
|
||||
systemctl restart sshd
|
||||
fi
|
||||
|
||||
%files
|
||||
%config %{_sysconfdir}/ssh/sshd_config.d/{trusted-user-ca-keys.pem,90-mf-ca.conf}
|
||||
|
||||
%changelog
|
||||
* Wed Aug 09 2023 Matej Focko <me@mfocko.xyz> - 0.1-1
|
||||
- Initial release
|
||||
|
1
sshd-mf/trusted-user-ca-keys.pem
Normal file
1
sshd-mf/trusted-user-ca-keys.pem
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3WLRlb8NkXgJ3FLEK+9C2Sd96V6hJiDsnM8dboxScmlLrU7DsMzaTd+vbRDgFODiZ/e0JMEdbZq6XVfTZY5ZLjXeTJ7xlzx4FQy99g2EMgo+/zdRzisPAKLyAGVm7pcAQgUc/MlH7FVjNyflqDlyLq6ZXmjrP3tWBvm15gom8SlvelRer3uPuEG1I1yet2fS2NNggMS2zKEdJS89wAmYtwQLhbw4c6JMT+8mIHy/OHXurf+l13nGdTi09qbOzf3YykelnuIWDNWYIXnqldrcp58tzu8IUE70VZWxc0hV8t1pfQfN3ehi+K5MpnT9UAwMpRxO8kw+ZlDdy6keVtXiBJPEPAwYEbtDrFXWRbnq4eNndQt2FCXNz4JIPJBMME++0OU0gMQxyrLYsg7a6tkxViyvWaatntdkIFPTxoIjVVJxHHA0V+Pq9+6JpZmvm6NjHvR98Q7IzEqBPqPyguQgMEV0Ef6BR4ZwQ/9D8eYfjVaeviKTbBPDA/gy/eMP80os/4RhpyUpX6bsa0TDzXWlD7bFKyPoTTeV2VetyrNg15w2e0H3bO13jt90K9PUzCn0aYYwAUD5kvwEIX7SUTWYXI2BVfEh2Z9kEOVVpCRxzrMZqfdLJRWY6r0Ggtn8HozBMCSMJc72KKS69hPiXVgFHXiBvX7+anrantDzzPNsGTw==
|
Loading…
Reference in a new issue