ssh-keygen -t ed25519 -C user-CA -f user-CA
user CA setup (as root on ssh servers):
- copy user-CA.pub to /etc/ssh
- echo "TrustedUserCAKeys /etc/ssh/user-CA.pub" >/etc/ssh/sshd_config.d/99-user-CA.conf
+ cat user-CA.pub >>/etc/ssh/trusted-user-ca.keys
+ echo "TrustedUserCAKeys /etc/ssh/trusted-user-ca.keys" >/etc/ssh/sshd_config.d/99-user-CA.conf
user key generation:
ssh-keygen -t ed25519 -C <key comment> -f <key file>
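Review bot: `cat user-CA.pub >>/etc/ssh/trusted-user-ca.keys` appends on every run, so repeating the setup leaves duplicate CA lines in the file. With the "copy user-CA.pub to /etc/ssh" step removed, the notes also no longer say how user-CA.pub reaches the server. Suggest stating that only the public half is transferred and guarding the append, for example with `grep -qxF` against the existing file. Because every key listed in trusted-user-ca.keys is trusted to sign user certificates, the notes should say the file must be root-owned and not writable by group or others. The step also omits reloading sshd after 99-user-CA.conf is written.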
ssh-keygen -t ed25519 -C host-CA -f host-CA
host CA setup (as root on ssh clients):
- echo "@cert-authority *.usr.user.hu <contents of host-CA.pub>" >/etc/ssh/ssh_known_hosts
+ echo "@cert-authority *.usr.user.hu <contents of host-CA.pub>" >>/etc/ssh/ssh_known_hosts
host key signing (as root on ssh servers):
ssh-keygen -h \
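Review bot: the switch from `>` to `>>` on /etc/ssh/ssh_known_hosts preserves existing entries but makes the step non-idempotent, because rerunning it adds a second identical `@cert-authority *.usr.user.hu` line. It also means that after a host CA rotation the old CA stays trusted until its line is removed by hand. Suggest documenting a check for an existing entry before appending, plus an explicit removal step for retired host CA keys.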