Mercurial > index.cgi > dotfiles
diff .bash_aliases @ 167:88ed01a1094f
SSH Certificate signing
| author | Steve Huston <huston@astro.princeton.edu> |
|---|---|
| date | Thu, 25 Oct 2018 11:06:32 -0400 |
| parents | ab0fb2057b88 |
| children | 9fed6f4301db |
line wrap: on
line diff
--- a/.bash_aliases Sun Oct 21 20:53:14 2018 -0400 +++ b/.bash_aliases Thu Oct 25 11:06:32 2018 -0400 @@ -70,6 +70,18 @@ } alias x='ssh xanadu.astro.princeton.edu' +# SSH key signing with Vault for administration +cert() { + export VAULT_ADDR='https://ajax.rc.princeton.edu:8200' + ssh-add -d $HOME/.ssh/picscie.pvt-cert.pub > /dev/null 2>&1 + if vault login -method=radius username=vi-srh; then + vault write -field=signed_key ssh-client-signer/sign/root public_key=@$HOME/.ssh/picscie.pub > $HOME/.ssh/picscie.pvt-cert.pub + ssh-add $HOME/.ssh/picscie.pvt + else + echo Failed to login to vault, aborting + fi +} + # Proxying/tunneling - predominantly for my Mac laptop proxy() { PROXY_HOST=csesbh.princeton.edu