Lines Matching refs:ktype

88 for ktype in $PLAIN_TYPES ; do
89 verbose "$tid: sign host ${ktype} cert"
91 ${SSHKEYGEN} -q -N '' -t ${ktype} \
92 -f $OBJ/cert_host_key_${ktype} || \
93 fatal "ssh-keygen of cert_host_key_${ktype} failed"
95 $OBJ/cert_host_key_${ktype}.pub || fatal "KRL update failed"
96 cat $OBJ/cert_host_key_${ktype}.pub >> $OBJ/host_revoked_plain
97 case $ktype in
98 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
103 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
104 fatal "couldn't sign cert_host_key_${ktype}"
106 $OBJ/cert_host_key_${ktype}-cert.pub || \
108 cat $OBJ/cert_host_key_${ktype}-cert.pub >> $OBJ/host_revoked_cert
135 for ktype in $PLAIN_TYPES ; do
136 verbose "$tid: host ${ktype} cert connect privsep $privsep"
139 echo HostKey $OBJ/cert_host_key_${ktype}
140 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
145 attempt_connect "$ktype basic connect" "yes"
146 attempt_connect "$ktype empty KRL" "yes" \
148 attempt_connect "$ktype KRL w/ plain key revoked" "no" \
150 attempt_connect "$ktype KRL w/ cert revoked" "no" \
152 attempt_connect "$ktype KRL w/ CA revoked" "no" \
154 attempt_connect "$ktype empty plaintext revocation" "yes" \
156 attempt_connect "$ktype plain key plaintext revocation" "no" \
158 attempt_connect "$ktype cert plaintext revocation" "no" \
160 attempt_connect "$ktype CA plaintext revocation" "no" \
167 for ktype in $PLAIN_TYPES ; do
168 test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
169 kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
173 for ktype in $PLAIN_TYPES ; do
174 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
177 echo HostKey $OBJ/cert_host_key_${ktype}
178 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
196 for ktype in $PLAIN_TYPES ; do
197 verbose "$tid: host ${ktype} revoked cert"
200 echo HostKey $OBJ/cert_host_key_${ktype}
201 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
222 case $ktype in
223 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
261 for ktype in $PLAIN_TYPES ; do
263 verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
265 ${SSHKEYGEN} -q -N '' -t ${ktype} -f $OBJ/cert_host_key_${ktype} || \
266 fail "ssh-keygen of cert_host_key_${ktype} failed"
267 case $ktype in
268 rsa-sha2-*) tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
273 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
274 fatal "couldn't sign cert_host_key_${ktype}"
277 cat $OBJ/cert_host_key_${ktype}.pub
281 echo HostKey $OBJ/cert_host_key_${ktype}
282 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub