Mercurial > index.cgi > dotfiles
comparison .bash_aliases @ 194:bb1c927125a5
Add a timeout to the key & cert
| author | Steve Huston <huston@astro.princeton.edu> |
|---|---|
| date | Mon, 21 Sep 2020 16:06:35 -0400 |
| parents | 5d0e1adee7e0 |
| children | e04f955ab31c |
comparison
equal
deleted
inserted
replaced
| 193:5d0e1adee7e0 | 194:bb1c927125a5 |
|---|---|
| 76 cert() { | 76 cert() { |
| 77 export VAULT_ADDR='https://ajax.rc.princeton.edu:8200' | 77 export VAULT_ADDR='https://ajax.rc.princeton.edu:8200' |
| 78 ssh-add -d $HOME/.ssh/rc_vault_key-cert.pub > /dev/null 2>&1 | 78 ssh-add -d $HOME/.ssh/rc_vault_key-cert.pub > /dev/null 2>&1 |
| 79 if vault login -method=radius username=vi-srh; then | 79 if vault login -method=radius username=vi-srh; then |
| 80 vault write -field=signed_key ssh-client-signer/sign/root public_key=@$HOME/.ssh/rc_vault_key.pub > $HOME/.ssh/rc_vault_key-cert.pub | 80 vault write -field=signed_key ssh-client-signer/sign/root public_key=@$HOME/.ssh/rc_vault_key.pub > $HOME/.ssh/rc_vault_key-cert.pub |
| 81 ssh-add $HOME/.ssh/rc_vault_key | 81 ssh-add -t 36000 $HOME/.ssh/rc_vault_key |
| 82 else | 82 else |
| 83 echo Failed to login to vault, aborting | 83 echo Failed to login to vault, aborting |
| 84 fi | 84 fi |
| 85 } | 85 } |
| 86 | 86 |