acmed(8), rsa(8): add role=client attribute to rsa keys

This commit is contained in:
cinap_lenrek 2021-12-06 15:40:18 +00:00
parent 69249e8313
commit be0b39f9c5
2 changed files with 3 additions and 3 deletions

View file

@ -159,7 +159,7 @@ On the TLS server side, you can generate a RSA key
and certificate signing request file like this: and certificate signing request file like this:
.IP .IP
.EX .EX
auth/rsagen -t 'service=tls owner=*' > cert.key auth/rsagen -t 'service=tls role=client owner=*' > cert.key
auth/rsa2csr 'CN=mydomain.com' cert.key \\ auth/rsa2csr 'CN=mydomain.com' cert.key \\
> /sys/lib/tls/acmed/mydomain.com.csr > /sys/lib/tls/acmed/mydomain.com.csr
.EE .EE

View file

@ -277,7 +277,7 @@ attribute on standard output.
Generate a fresh key and use it to start a TLS-enabled web server: Generate a fresh key and use it to start a TLS-enabled web server:
.IP .IP
.EX .EX
auth/rsagen -t 'service=tls owner=*' >key auth/rsagen -t 'service=tls role=client owner=*' >key
auth/rsa2x509 'C=US CN=*.cs.bell-labs.com' key | auth/rsa2x509 'C=US CN=*.cs.bell-labs.com' key |
auth/pemencode CERTIFICATE >cert auth/pemencode CERTIFICATE >cert
cat key >/mnt/factotum/ctl cat key >/mnt/factotum/ctl
@ -288,7 +288,7 @@ Generate a fresh key and configure a remote Unix system to
allow use of that key for logins: allow use of that key for logins:
.IP .IP
.EX .EX
auth/rsagen -t 'service=ssh' >key auth/rsagen -t 'service=ssh role=client' >key
auth/rsa2ssh key | ssh unix 'cat >>.ssh/authorized_keys' auth/rsa2ssh key | ssh unix 'cat >>.ssh/authorized_keys'
cat key >/mnt/factotum/ctl cat key >/mnt/factotum/ctl
ssh unix ssh unix