diff options
author | Gordon GECOS <u@adam> | 2023-11-22 11:25:48 -0500 |
---|---|---|
committer | Gordon GECOS <u@adam> | 2023-11-22 11:25:48 -0500 |
commit | d4910b2f19c34bc366b9d3af02669c6a40a14aec (patch) | |
tree | cd18cc620f5a23b70c1cbef2a16fcd425f15883c | |
parent | 18728c99f58e7dc5c6deefa9331e949e17faa9fb (diff) |
more
-rw-r--r-- | Makefile | 20 |
1 files changed, 8 insertions, 12 deletions
@@ -15,6 +15,12 @@ hostkey = /etc/ssh/ssh_host_ed25519_key | |||
15 | key = $(hostkey) | 15 | key = $(hostkey) |
16 | 16 | ||
17 | quoted_identity != printf %q $(identity) | 17 | quoted_identity != printf %q $(identity) |
18 | allowed = <(printf '"%s" ' $(quoted_identity); cat $(key).pub) | ||
19 | |||
20 | apt_dep_bins = /usr/bin/ssh-keygen /usr/sbin/sshd /usr/bin/basez | ||
21 | apt_deps = openssh-client openssh-server basez | ||
22 | #apt_dep_bins += /usr/bin/sipcalc | ||
23 | #apt_deps += sipcalc | ||
18 | 24 | ||
19 | .PHONY: testall clean install | 25 | .PHONY: testall clean install |
20 | .PHONY: validate check-novalidate find-principals verify | 26 | .PHONY: validate check-novalidate find-principals verify |
@@ -25,7 +31,7 @@ validate: $(signature) verify | |||
25 | $(dir $(target)): | 31 | $(dir $(target)): |
26 | mkdir -p $@ | 32 | mkdir -p $@ |
27 | $(target): | $(dir $(target)) | 33 | $(target): | $(dir $(target)) |
28 | echo hello world > $@ | 34 | date -Ins > $@ |
29 | 35 | ||
30 | %.sig: % | /usr/bin/ssh-keygen | 36 | %.sig: % | /usr/bin/ssh-keygen |
31 | $(SUDO) ssh-keygen -n file -I $(quoted_identity) -f $(key) -Y sign $^ | 37 | $(SUDO) ssh-keygen -n file -I $(quoted_identity) -f $(key) -Y sign $^ |
@@ -44,8 +50,6 @@ find-principals: $(signature) | /usr/bin/ssh-keygen | |||
44 | ssh-keygen -n file -s $(signature) -f $(allowed) \ | 50 | ssh-keygen -n file -s $(signature) -f $(allowed) \ |
45 | -Y $@ < $(target) | 51 | -Y $@ < $(target) |
46 | 52 | ||
47 | allowed = <(printf '"%s" ' $(quoted_identity); cat $(key).pub) | ||
48 | |||
49 | verify: | /usr/bin/ssh-keygen /usr/bin/basez | 53 | verify: | /usr/bin/ssh-keygen /usr/bin/basez |
50 | ssh-keygen -n file -I $(quoted_identity) -f $(allowed) -s $(signature) \ | 54 | ssh-keygen -n file -I $(quoted_identity) -f $(allowed) -s $(signature) \ |
51 | -Y $@ < $(target) | 55 | -Y $@ < $(target) |
@@ -55,18 +59,10 @@ verify: | /usr/bin/ssh-keygen /usr/bin/basez | |||
55 | sed -ne 's/^ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI/I/p' | \ | 59 | sed -ne 's/^ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI/I/p' | \ |
56 | basez -d | tail -c32 | basez -x | 60 | basez -d | tail -c32 | basez -x |
57 | 61 | ||
62 | |||
58 | /usr/bin/apt: | 63 | /usr/bin/apt: |
59 | $(warning Please install OpenSSH through your system package manager.) | 64 | $(warning Please install OpenSSH through your system package manager.) |
60 | @false | 65 | @false |
61 | 66 | ||
62 | apt_dep_bins = /usr/bin/ssh-keygen /usr/sbin/sshd | ||
63 | apt_dep_bins += /usr/bin/basez | ||
64 | #apt_dep_bins += /usr/bin/sipcalc | ||
65 | |||
66 | apt_deps = openssh-client openssh-server | ||
67 | apt_deps += basez | ||
68 | #apt_deps += sipcalc | ||
69 | |||
70 | $(apt_dep_bins): | /usr/bin/apt | 67 | $(apt_dep_bins): | /usr/bin/apt |
71 | $(SUDO) apt install --no-upgrade $(apt_deps) | 68 | $(SUDO) apt install --no-upgrade $(apt_deps) |
72 | |||