# HG changeset patch
# User Steve Huston <huston@astro.princeton.edu>
# Date 1540479992 14400
# Node ID 88ed01a1094f2c213eb9cffe4c47fc22701b6f56
# Parent  d7cd94900d0e345bf7bfe92bc080b69b515941a6
SSH Certificate signing

diff -r d7cd94900d0e -r 88ed01a1094f .bash_aliases
--- a/.bash_aliases	Sun Oct 21 20:53:14 2018 -0400
+++ b/.bash_aliases	Thu Oct 25 11:06:32 2018 -0400
@@ -70,6 +70,18 @@
 }
 alias x='ssh xanadu.astro.princeton.edu'
 
+# SSH key signing with Vault for administration
+cert() {
+  export VAULT_ADDR='https://ajax.rc.princeton.edu:8200'
+  ssh-add -d $HOME/.ssh/picscie.pvt-cert.pub > /dev/null 2>&1
+  if vault login -method=radius username=vi-srh; then
+    vault write -field=signed_key ssh-client-signer/sign/root public_key=@$HOME/.ssh/picscie.pub > $HOME/.ssh/picscie.pvt-cert.pub
+    ssh-add $HOME/.ssh/picscie.pvt
+  else
+    echo Failed to login to vault, aborting
+  fi
+}
+
 # Proxying/tunneling - predominantly for my Mac laptop
 proxy() {
   PROXY_HOST=csesbh.princeton.edu