ssh-keygen -I <certificate identity> \
-n <principals> \
-s <user CA private key file> \
- -V <start YYYYMMDD[HHMM]:end YYYMMMDDD[HHMM]> \
+ -V <start YYYYMMDD[HHMM]:end YYYYMMDD[HHMM]> \
[-z <serial number>] \
<public key file>
where
-ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIDGFUbPEaFzLZseq81P3PaR0A1k6SOUtG+QDaQSZCiQoAAAAIPAaO/dzM9k131thRHcVjqd8CTkjuKjCiB+S1WGE5gXAAAAAAAAAAAAAAAABAAAAB2ZyaXR0ZXIAAAATAAAAB2ZyaXR0ZXIAAAAEcm9vdAAAAABivirwAAAAAGNgU3AAAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAnH/111PHTVbW73hpsG3Z0SX2CCLc8SpoEZM5adJOq+QAAAFMAAAALc3NoLWVkMjU1MTkAAABAmHLdBrjsBWkYhS/DTtFPq0dzBUkttYCeswN43AQHzqC2vpVDAw2eJXukGGWnveo0DPfOhmPvidUgBnbU7juWDw== fritter
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIEmK+aQlZFLn2mCUjRAIFAO7hSVWHyWgZWqglco1QlSSAAAAIPAaO/dzM9k131thRHcVjqd8CTkjuKjCiB+S1WGE5gXAAAAAAAAAAAAAAAABAAAAB2ZyaXR0ZXIAAAATAAAAB2ZyaXR0ZXIAAAAEcm9vdAAAAABjN3TwAAAAAGPZnXAAAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAnH/111PHTVbW73hpsG3Z0SX2CCLc8SpoEZM5adJOq+QAAAFMAAAALc3NoLWVkMjU1MTkAAABAR68RXVdPDvOyutU2Wy2V//bYChLjVQiHSwTToArCSzFDEQF8+uJQhV+ViN+8PtGz5JubLerKj0MvpQR4KeJADg== fritter
-ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIL9la31B/Uej7hwdaHkYQNdI0hKMhGP27J2eHZweqqGiAAAAIOZ2EkfObAMNmJA9LqC7M/ZXquYoZL/BUQjJRFHA9mq3AAAAAAAAAAAAAAABAAAABm1zemFibwAAABIAAAAGbXN6YWJvAAAABHJvb3QAAAAAYr4q8AAAAABjYFNwAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgJx/9ddTx01W1u94abBt2dEl9ggi3PEqaBGTOWnSTqvkAAABTAAAAC3NzaC1lZDI1NTE5AAAAQPH2VXLLs0df+HgA8h3PplQxKWKXo2L+7MXNdrWFUp0dGvKSJVVPCjkKuqGMnK4JVsutNhO8RXSLWcB3UN44EQM= mszabo
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIKX87SOh2pp4BWyH8mpnhY8pAZBJ39sc2kVlhrjjEYFaAAAAIOZ2EkfObAMNmJA9LqC7M/ZXquYoZL/BUQjJRFHA9mq3AAAAAAAAAAAAAAABAAAABm1zemFibwAAABIAAAAGbXN6YWJvAAAABHJvb3QAAAAAYzd08AAAAABj2Z1wAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgJx/9ddTx01W1u94abBt2dEl9ggi3PEqaBGTOWnSTqvkAAABTAAAAC3NzaC1lZDI1NTE5AAAAQH1sS9qxqkMFsB+OPfP7AzlNV4ee2uXvY57Chvhs2sN+p0K/Mj+c1Ewb7K/G4Ovcc5Q2wSRsVOsmjqjOvqxoQQA= mszabo
-ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIFxMT3id6MCd7RhrnrbeDUt33ATBcT6asyk2yj9p/Uh+AAAAIKi/tTFFqtdj0NgKdc3en1X10gD5x2ATTXMO3YhvuyRoAAAAAAAAAAAAAAABAAAAB3NjcmlwdHMAAAAIAAAABHJvb3QAAAAAYr4q8AAAAABjYFNwAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgJx/9ddTx01W1u94abBt2dEl9ggi3PEqaBGTOWnSTqvkAAABTAAAAC3NzaC1lZDI1NTE5AAAAQC6oGOyQhzA9Rmb2SPqMtXSoKKgi7iD3tyvuBnUn9xNSBS1cwmiCpnASSMwJb3c9vqBct5CNa+r/Ws3UBAsnOQw= scripts
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAINUVmhz1uvu1V2JjEFjSs7MLqkPe+syM/Ghek7EeV1cGAAAAIKi/tTFFqtdj0NgKdc3en1X10gD5x2ATTXMO3YhvuyRoAAAAAAAAAAAAAAABAAAAB3NjcmlwdHMAAAATAAAAB3NjcmlwdHMAAAAEcm9vdAAAAABjN3TwAAAAAGPZnXAAAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAnH/111PHTVbW73hpsG3Z0SX2CCLc8SpoEZM5adJOq+QAAAFMAAAALc3NoLWVkMjU1MTkAAABAg4lM3DHWPQ2j3IRg9f1Mpyfg7NP1LjhBvGENlffkYgVaosdtS8bzJs6u6HvbBm0DB2ev9eR60ia5mTsOrQMlBg== scripts
--- /dev/null
+#!/bin/sh
+
+
+PROMPT="Please enter quarter for certificates"
+PROMPT=${PROMPT}" in the format YYYYq(1|2|3|4): "
+read -p "$PROMPT" CERT_YEAR_QUARTER
+CERT_YEAR=$(echo $CERT_YEAR_QUARTER | cut -c 1-4)
+CERT_QUARTER=$(echo $CERT_YEAR_QUARTER | cut -c 6)
+CURRENT_YEAR=$(date "+%Y")
+YEAR_DIFF=$(( $CERT_YEAR - $CURRENT_YEAR ))
+echo $CERT_YEAR_QUARTER $CERT_YEAR $CERT_QUARTER
+echo $CURRENT_YEAR $YEAR_DIFF
+
+case "$YEAR_DIFF" in
+ "0" | "1")
+ ;;
+ *)
+ echo "Invalid year ($CERT_YEAR) given, exiting." >&2
+ exit 1
+ ;;
+esac
+
+case "$CERT_QUARTER" in
+ "1")
+ # jan 1 - apr 30
+ CERT_START_YYYYMMDD="${CERT_YEAR}0101"
+ CERT_END_YYYYMMDD="${CERT_YEAR}0501"
+ ;;
+ "2")
+ # mar 1 - jun 30
+ CERT_START_YYYYMMDD="${CERT_YEAR}0401"
+ CERT_END_YYYYMMDD="${CERT_YEAR}0801"
+ ;;
+ "3")
+ # jun 1 - oct 31
+ CERT_START_YYYYMMDD="${CERT_YEAR}0701"
+ CERT_END_YYYYMMDD="${CERT_YEAR}1101"
+ ;;
+ "4")
+ # oct 1 - jan 31 (of next year)
+ CERT_START_YYYYMMDD="${CERT_YEAR}1001"
+ CERT_YEAR=$(( $CERT_YEAR + 1 ))
+ CERT_END_YYYYMMDD="${CERT_YEAR}0201"
+ ;;
+ *)
+ echo "Invalid quarter ($CERT_QUARTER) given, exiting." >&2
+ exit 1
+ ;;
+esac
+
+for CERT_NAME in fritter mszabo scripts zfelleg
+do
+ ssh-keygen -I $CERT_NAME \
+ -n "${CERT_NAME},root" \
+ -s user-CA \
+ -V ${CERT_START_YYYYMMDD}:$CERT_END_YYYYMMDD \
+ ${CERT_NAME}.pub
+done
-ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAILSOBzN0ZsYYW3vg2VvDnb3Zmu4x9/RXGD5LC2RaiD7AAAAAILRaOFNJvlYefDNQKxyjQ/TAQknjtFywKZj67Hqs17LrAAAAAAAAAAAAAAABAAAAB3pmZWxsZWcAAAATAAAAB3pmZWxsZWcAAAAEcm9vdAAAAABivirwAAAAAGNgU3AAAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAnH/111PHTVbW73hpsG3Z0SX2CCLc8SpoEZM5adJOq+QAAAFMAAAALc3NoLWVkMjU1MTkAAABAYh0QtzrmVsg50rpVaC+Ol8YJF0L97hH3FlVwjmtvOkpEEuRFMLU3OrkqUr1UdHel1CuwevTLccd8QZsNK8qvBg== zfelleg
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIK1xk2Kr5H9WBB4PF4Q6xH4d5Slhhqz9l+oCvCWjtHk0AAAAILRaOFNJvlYefDNQKxyjQ/TAQknjtFywKZj67Hqs17LrAAAAAAAAAAAAAAABAAAAB3pmZWxsZWcAAAATAAAAB3pmZWxsZWcAAAAEcm9vdAAAAABjN3TwAAAAAGPZnXAAAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACAnH/111PHTVbW73hpsG3Z0SX2CCLc8SpoEZM5adJOq+QAAAFMAAAALc3NoLWVkMjU1MTkAAABAZh57Y56T3WIoPfAuq6A0SUKHtBpIC1zcQQySWr1nqFj86y6otag9Xp1wa/4glUwIbsDoJEa+PKlibqedQmmNDA== zfelleg
https://git.useribm.hu / user-ssh.git / commitdiff